Micro-services architecture to integrate heterogeneous nodes for digital feed generation

ABSTRACT

Example implementations include determining, based on participant objects input into a machine learning model, to transmit a query to a third-party application based on a machine learning model trained with historical data associated with opportunities provided by third-party applications, transmitting to a third-party application, the query constructed based on a template compatible with an application programming interface (“API”) of the third-party application, receiving a response from the third-party application including an event and a profile for a participant of a service provided by the third-party application, the profile linked with a participant object and generated in response to importing information associated with the profile from a third-party administrator device, the event indicative of an opportunity to reduce resource utilization, determining that the participant object satisfies a parameter of the event, and providing to a computing device of the participant object responsive to satisfaction of the parameter, an indication of the event.

CROSS-REFERENCE TO RELATED PATENT APPLICATIONS

This application claims the benefit of priority under 35 U.S.C. § 120 asa continuation of U.S. patent application Ser. No. 17/214,441, filedMar. 26, 2021, which claims the benefit of priority under 35 U.S.C. §119 to U.S. Provisional Patent Application Ser. No. 63/056,330, entitled“MICRO-SERVICES ARCHITECTURE TO INTEGRATE HETEROGENEOUS NODES FORDIGITAL FEED GENERATION,” filed Jul. 24, 2020, each of which is herebyincorporated by reference herein in its entirety.

TECHNICAL FIELD

This disclosure relates generally to digital healthcare infrastructure,and more particularly to a micro-services architecture to integrateheterogeneous nodes for digital feed generation.

BACKGROUND

Individuals can obtain goods or services related to healthcare.Computing systems can provide information about such goods or servicesrelated to healthcare. However, as the number and types of goods andservices increase, it can be challenging for computing systems toefficiently and reliably identify particular goods and services for anindividual.

SUMMARY

Health care opportunities are increasing in complexity and scope inresponse to the expansion of health care services available to healthcare consumers. Participants in various health care support programs andhealth care accounts face increasingly complex and interwovenopportunities with time-sensitive conditions and complexinterdependencies. However, conventional systems may not effectivelyintegrate communication and customer service actions acrossheterogeneous services and accounts controlled by independent healthcare provider entities, resulting in a loss of opportunities due to lackof computational technological systems to rapidly and securelycommunicate with heterogeneous systems centered on a participant'sassociations with services coupled to those systems. Thus, atechnological solution for a micro-services architecture to integrateheterogeneous nodes for digital feed generation is desired.

At least one aspect of this technical solution is directed to a systemwith a data processing system including memory operatively coupled toone or more hardware processors to determine, based on informationassociated with one or more participant objects input into a machinelearning model, to transmit a query to a third-party application basedon an output of the machine learning model, the machine learning modeltrained with historical data associated with opportunities provided bythird-party applications, transmit, to a third-party application, thequery constructed based on a template compatible with an applicationprogramming interface (“API”) of the third-party application, receive,responsive to the query, a response from the third-party applicationincluding an event and a profile for a participant of a service providedby the third-party application, the profile linked with a participantobject and generated in response to importing information associatedwith the profile from a third-party administrator device, the eventindicative of an opportunity to reduce resource utilization, determinethat the participant object satisfies a parameter associated with theevent, and provide, to a computing device of the participant objectresponsive to satisfaction of the parameter, an indication of the event.

In some arrangements, the data processing system is further configuredto determine to query the third-party application responsive to atrigger condition.

In some arrangements, the data processing system is further configuredto crawl a web page associated with a provider of the third-partyapplication, and determine, responsive to the crawl of the web page, toquery the third-party application responsive to identifying a candidateopportunity on the web page of the provider associated with thethird-party application.

In some arrangements, the data processing system is further configuredto determine, based on a location of the computing device linked withthe participant object, to transmit the query to the third-partyapplication.

In some arrangements, the data processing system is further configuredto identify, via an interface of the data processing system, thethird-party application among the plurality of third-party applicationsconfigured with application programming interfaces (“APIs”) compatiblewith the interface of the data processing system.

In some arrangements, the data processing system is further configuredto identify a second third-party application different from thethird-party application, select a second template different than thetemplate, the second template compatible with a second API of the secondthird-party application that is different than the API of thethird-party application, and construct a second query for opportunitiesbased on the second template.

In some arrangements, the data processing system is further configuredto construct the query with credentials authorizing the data processingsystem to receive the response with the event.

In some arrangements, the credentials correspond to the participantobject.

In some arrangements, the data processing system is further configuredto parse the response to identify the event, construct an object toprovide to the computing device based on the identified event, andtransmit the object based on the event for presentation via thecomputing device.

In some arrangements, the data processing system is further configuredto receive, responsive to transmission of the object based on the event,an indication to execute the object based on the event, and authorize,responsive to the indication, the object based on the event forexecution by the participant object.

At least one aspect of this technical solution is directed to a methodof determining, by a data processing system including one or moreprocessors, based on information associated with one or more participantobjects input into a machine learning model, to transmit a query to athird-party application based on an output of the machine learningmodel, the machine learning model trained with historical dataassociated with opportunities provided by third-party applications,transmitting, by the data processing system, to a third-partyapplication, the query constructed based on a template compatible withan application programming interface (“API”) of the third-partyapplication, receiving, by the data processing system, responsive to thequery, a response from the third-party application including an eventand a profile for a participant of a service provided by the third-partyapplication, the profile linked with a participant object and generatedin response to importing information associated with the profile from athird-party administrator device, the event indicative of an opportunityto reduce resource utilization, determining, by the data processingsystem, that the participant object satisfies a parameter associatedwith the event, and providing, by the data processing system, to acomputing device of the participant object responsive to satisfaction ofthe parameter, an indication of the event.

The method can include determining, by the data processing system, toquery the third-party application responsive to a trigger condition.

The method can include crawling a web page associated with a provider ofthe third-party application, and determining, responsive to the crawl ofthe web page, to query the third-party application responsive toidentifying a candidate opportunity on the web page of the providerassociated with the third-party application.

The method can include determining, based on a location of the computingdevice linked with the participant object, to transmit the query to thethird-party application.

The method can include identifying, via an interface of the dataprocessing system, the third-party application among the plurality ofthird-party applications configured with application programminginterfaces (“APIs”) compatible with the interface of the data processingsystem.

The method can include identifying a second third-party applicationdifferent from the third-party application, selecting a second templatedifferent than the template, the second template compatible with asecond API of the second third-party application that is different thanthe API of the third-party application, and construct a second query foropportunities based on the second template.

The method can include constructing the query with credentialsauthorizing the data processing system to receive the response with theevent.

In some arrangements, the credentials correspond to the participantobject.

In some arrangements, parsing the response to identify the event,constructing an object to provide to the computing device based on theidentified event, and transmitting the object based on the event forpresentation via the computing device.

The method can include receiving, responsive to transmission of theobject based on the event, an indication to execute the object based onthe event, and authorizing, responsive to the indication, the objectbased on the event for execution by the participant object.

At least one aspect of this technical solution is directed to a systemto present opportunities from third-party applications, with a dataprocessing system comprising memory and one or more processors toidentify, via an interface of the data processing system, a third-partyapplication of a plurality of third-party applications configured withapplication programming interfaces (“APIs”) compatible with theinterface of the data processing system, transmit, to the third-partyapplication, a query constructed based on a template that is compatiblewith an API of the third-party application, receive, responsive to thequery, a response from the third-party application comprising anopportunity event, select a participant object that satisfies one ormore parameters associated with the opportunity event, and provide, to acomputing device linked with the participant object, an indication ofthe opportunity event.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to determine toquery the third-party application responsive to a trigger condition.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to crawl a webpage associated with a provider of the third-party application, anddetermine, responsive to the crawl of the web page, to query thethird-party application responsive to identifying a candidateopportunity on the web page of the provider associated with thethird-party application.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to determine,based on a location of the computing device linked with the participantobject, to transmit the query to the third-party application.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to train amachine learning model with historical data associated withopportunities provided by third-party applications, determine, based oninformation associated with the participant object input into themachine learning model, to transmit the query to the third-partyapplication based on an output of the machine learning model.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to identify asecond third-party application different from the third-partyapplication, select a second template different than the template, thesecond template compatible with a second API of the second third-partyapplication that is different than the API of the third-partyapplication, and construct a second query for opportunities based on thesecond template.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to construct thequery with credentials authorizing the data processing system to receivethe response with the opportunity event.

At least one aspect of this technical solution is directed to a systemwhere the credentials correspond to the participant object.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to parse theresponse to identify the opportunity event, construct an opportunityobject to provide to the computing device based on the identifiedopportunity event, and transmit the opportunity object for presentationvia the computing device.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to receive,responsive to transmission of the opportunity object, an indication toexecute the opportunity object, and authorize, responsive to theindication, the opportunity object for execution by the participantobject.

At least one aspect of this technical solution is directed to a methodof presenting opportunities from third-party applications, byidentifying, by a data processing system comprising one or moreprocessors via an interface of the data processing system, a third-partyapplication of a plurality of third-party applications configured withapplication programming interfaces (“APIs”) compatible with theinterface of the data processing system, transmitting, by the dataprocessing system to the third-party application, a query constructedbased on a template that is compatible with an API of the third-partyapplication, receiving, by the data processing system responsive to thequery, a response from the third-party application comprising anopportunity event, selecting, by the data processing system, aparticipant object that satisfies one or more parameters associated withthe opportunity event, and providing, by the data processing system to acomputing device linked with the participant object, an indication ofthe opportunity event.

At least one aspect of this technical solution is directed to a methodof determining, by the data processing system, to query the third-partyapplication responsive to a trigger condition.

At least one aspect of this technical solution is directed to a methodof crawling, by the data processing system, a web page associated with aprovider of the third-party application, and determining, by the dataprocessing system responsive to the crawl of the web page, to query thethird-party application responsive to identifying a candidateopportunity on the web page of the provider associated with thethird-party application.

At least one aspect of this technical solution is directed to a methodof determining, by the data processing system based on a location of thecomputing device linked with the participant object, to transmit thequery to the third-party application.

At least one aspect of this technical solution is directed to a methodof training, by the data processing system, a machine learning modelwith historical data associated with opportunities provided bythird-party applications, determining, by the data processing systembased on information associated with the participant object input intothe machine learning model, to transmit the query to the third-partyapplication based on an output of the machine learning model.

At least one aspect of this technical solution is directed to a methodof identifying, by the data processing system, a second third-partyapplication different from the third-party application, selecting, bythe data processing system, a second template different than thetemplate, the second template compatible with a second API of the secondthird-party application that is different than the API of thethird-party application, and constructing, by the data processingsystem, a second query for opportunities based on the second template.

At least one aspect of this technical solution is directed to a methodof constructing, by the data processing system, the query withcredentials authorizing the data processing system to receive theresponse with the opportunity event.

At least one aspect of this technical solution is directed to a methodwhere the credentials correspond to the participant object.

At least one aspect of this technical solution is directed to a methodof parsing, by the data processing system, the response to identify theopportunity event, constructing, by the data processing system, anopportunity object to provide to the computing device based on theidentified opportunity event, and transmitting, by the data processingsystem, the opportunity object for presentation via the computingdevice.

At least one aspect of this technical solution is directed to a methodof receiving, by the data processing system responsive to transmissionof the opportunity object, an indication to execute the opportunityobject, and authorizing, by the data processing system responsive to theindication, the opportunity object for execution by the participantobject.

BRIEF DESCRIPTION OF THE DRAWINGS

These and other aspects and features of the present implementations willbecome apparent to those ordinarily skilled in the art upon review ofthe following description of specific implementations in conjunctionwith the accompanying figures, wherein:

FIG. 1A illustrates an example network environment including a clientdevice in communication with a server device, in accordance with presentimplementations.

FIG. 1B illustrates an example cloud computing environment including aclient device in communication with cloud service providers, inaccordance with present implementations.

FIGS. 1C and 1D illustrate example computing devices in accordance withpresent implementations.

FIG. 2 illustrates an example cloud computing environment including anexample data processing system, in accordance with presentimplementations.

FIG. 3 illustrates an example data processing system, in accordance withpresent implementations.

FIG. 4 illustrates an example participant database system further to theexample data processing system of FIG. 3 , in accordance with presentimplementations.

FIG. 5 illustrates an example opportunity database system further to theexample data processing system of FIG. 3 , in accordance with presentimplementations.

FIG. 6 illustrates an example gateway database system further to theexample data processing system of FIG. 3 , in accordance with presentimplementations.

FIG. 7 illustrates an example electronic device associated with anexample data processing system, in accordance with presentimplementations.

FIG. 8 illustrates an example method of digital feed generation by amicro-services architecture integrating heterogeneous nodes, inaccordance with present implementations.

FIG. 9 illustrates an example method of digital feed generation by amicro-services architecture integrating heterogeneous nodes, further tothe method of FIG. 8 , in accordance with present implementations.

FIG. 10 illustrates an example method of digital feed generation by amicro-services architecture integrating heterogeneous nodes, further tothe method of FIG. 9 , in accordance with present implementations.

FIG. 11 illustrates an example method of digital feed generation by amicro-services architecture integrating heterogeneous nodes, further tothe method of FIG. 10 , in accordance with present implementations.

DETAILED DESCRIPTION

The present implementations will now be described in detail withreference to the drawings, which are provided as illustrative examplesof the implementations so as to enable those skilled in the art topractice the implementations and alternatives apparent to those skilledin the art. Notably, the figures and examples below are not meant tolimit the scope of the present implementations to a singleimplementation, but other implementations are possible by way ofinterchange of some or all of the described or illustrated elements.Moreover, where certain elements of the present implementations can bepartially or fully implemented using known components, only thoseportions of such known components that are necessary for anunderstanding of the present implementations will be described, anddetailed descriptions of other portions of such known components will beomitted so as not to obscure the present implementations.Implementations described as being implemented in software should not belimited thereto, but can include implementations implemented inhardware, or combinations of software and hardware, and vice-versa, aswill be apparent to those skilled in the art, unless otherwise specifiedherein. In the present specification, an implementation showing asingular component should not be considered limiting; rather, thepresent disclosure is intended to encompass other implementationsincluding a plurality of the same component, and vice-versa, unlessexplicitly stated otherwise herein. Moreover, applicants do not intendfor any term in the specification or claims to be ascribed an uncommonor special meaning unless explicitly set forth as such. Further, thepresent implementations encompass present and future known equivalentsto the known components referred to herein by way of illustration.

A data processing system can identify opportunities at third partysystems and can manage and control execution of those identifiedopportunities on behalf of individual participants associated with thethird party systems. The data processing system can identify and respondto opportunities at various times based on opportunity events.Opportunity events can include particular times, conditions, or anycombination thereof detected by the data processing system. The dataprocessing system can detect opportunity events by, for example,crawling a web page of a third party system periodically, or receiving asystem notification from a third party system responsive to a change inone or more states associated with the third party system. The dataprocessing system can generate opportunity objects and authorizeexecution of those opportunity objects to effect execution of variousoperations at or by particular third party systems. The data processingsystem can generate opportunity objects based on information gathered bya crawling operation on a third party system. The data processing systemcan instruct a third party system to execute a particular actionassociated with the opportunity object to execute the opportunity. Thedata processing system can use credentials associated with a participantuser for a third party system to crawl a secure web page associated withthe participant user and to provide secure instructions associated withthe participant user to authorize various opportunity executions.

The data processing system can include a micro-services architecture tointegrate functionality of third-party applications to providecentralized participant account interaction and execution features. Thedata processing system can include an underlying system architectureincluding middleware or a middle tier to interface with multiplethird-party applications or data sources. The underlying systemarchitecture can have a “plug-n-play” structure. The data processingsystem can select a third party application, obtain a template toconstruct a query that is compatible with an API of a third partyapplication, and receive a response to the query from the third partyapplication. The data processing system can parse responses to identifyattributes in responses, and process the attributes to determineopportunities. As one example, the data processing system can identify anew opportunity by selecting one or more third party applications,constructing one or more queries compatible with APIs for the thirdparty applications, and receiving data from third party applications. Asone example, an application can include a virtual medicine cabinetapplication.

For purposes of reading the description of the various implementationsbelow, the following descriptions of the sections of the specificationand their respective contents can be helpful:

Section A describes a network environment and computing environmentwhich can be useful for practicing implementations described herein.

Section B describes implementations of systems and methods for amicro-services architecture to integrate heterogeneous nodes for digitalfeed generation.

A. Computing and Network Environment

Prior to discussing specific implementations of the present solution, itcan be helpful to describe aspects of the operating environment as wellas associated system components (e.g., hardware elements) in connectionwith the methods and systems described herein. Referring to FIG. 1A, animplementation of a network environment is depicted. In brief overview,the network environment includes one or more clients 102 a-102 n (alsogenerally referred to as local machine(s) 102, client(s) 102, clientnode(s) 102, client machine(s) 102, client computer(s) 102, clientdevice(s) 102, endpoint(s) 102, or endpoint node(s) 102) incommunication with one or more servers 106 a-106 n (also generallyreferred to as server(s) 106, node 106, or remote machine(s) 106) viaone or more networks 104. In some implementations, a client 102 has thecapacity to function as both a client node seeking obtain to resourcesprovided by a server and as a server providing obtain to hostedresources for other clients 102 a-102 n.

Although FIG. 1A shows a network 104 between the clients 102 and theservers 106, the clients 102 and the servers 106 can be on the samenetwork 104. In some implementations, there are multiple networks 104between the clients 102 and the servers 106. In one of theseimplementations, a network 104′ (not shown) can be a private network anda network 104 can be a public network. In another of theseimplementations, a network 104 can be a private network and a network104′ a public network. In still another of these implementations,networks 104 and 104′ can both be private networks.

The network 104 can be connected via wired or wireless links. Wiredlinks can include Digital Subscriber Line (DSL), coaxial cable lines, oroptical fiber lines. The wireless links can include BLUETOOTH, Wi-Fi,Worldwide Interoperability for Microwave Access (WiMAX), an infraredchannel or satellite band. The wireless links can also include anycellular network standards used to communicate among mobile devices,including standards that qualify as 1G, 2G, 3G, or 4G. The networkstandards can qualify as one or more generation of mobiletelecommunication standards by fulfilling a specification or standardssuch as the specifications maintained by International TelecommunicationUnion. The 3G standards, for example, can correspond to theInternational Mobile Telecommunications-2000 (IMT-2000) specification,and the 4G standards can correspond to the International MobileTelecommunications Advanced (IMT-Advanced) specification. Examples ofcellular network standards include AMPS, GSM, GPRS, UMTS, LTE, LTEAdvanced, Mobile WiMAX, and WiMAX-Advanced. Cellular network standardscan use various channel access methods e.g. FDMA, TDMA, CDMA, or SDMA.In some implementations, different types of data can be transmitted viadifferent links and standards. In other implementations, the same typesof data can be transmitted via different links and standards.

The network 104 can be any type and/or form of network. The geographicalscope of the network 104 can vary widely and the network 104 can be abody area network (BAN), a personal area network (PAN), a local-areanetwork (LAN), e.g. Intranet, a metropolitan area network (MAN), a widearea network (WAN), or the Internet. The topology of the network 104 canbe of any form and can include, e.g., any of the following:point-to-point, bus, star, ring, mesh, or tree. The network 104 can bean overlay network which is virtual and sits on top of one or morelayers of other networks 104′. The network 104 can be of any suchnetwork topology as known to those ordinarily skilled in the art capableof supporting the operations described herein. The network 104 canutilize different techniques and layers or stacks of protocols,including, e.g., the Ethernet protocol, the internet protocol suite(TCP/IP), the ATM (Asynchronous Transfer Mode) technique, the SONET(Synchronous Optical Networking) protocol, or the SDH (SynchronousDigital Hierarchy) protocol. The TCP/IP internet protocol suite caninclude application layer, transport layer, internet layer (including,e.g., IPv6), or the link layer. The network 104 can be a type of abroadcast network, a telecommunications network, a data communicationnetwork, or a computer network.

In some implementations, the system can include multiple,logically-grouped servers 106. In one of these implementations, thelogical group of servers can be referred to as a server farm 38 or amachine farm 38. In another of these implementations, the servers 106can be geographically dispersed. In other implementations, a machinefarm 38 can be administered as a single entity. In still otherimplementations, the machine farm 38 includes a plurality of machinefarms 38. The servers 106 within each machine farm 38 can beheterogeneous—one or more of the servers 106 or machines 106 can operateaccording to one type of operating system platform (e.g., WINDOWS NT,manufactured by Microsoft Corp. of Redmond, Washington), while one ormore of the other servers 106 can operate on according to another typeof operating system platform (e.g., Unix, Linux, or Mac OS X).

In one implementation, servers 106 in the machine farm 38 can be storedin high-density rack systems, along with associated storage systems, andlocated in an enterprise data center. In this implementation,consolidating the servers 106 in this way can improve systemmanageability, data security, the physical security of the system, andsystem performance by locating servers 106 and high performance storagesystems on localized high performance networks. Centralizing the servers106 and storage systems and coupling them with advanced systemmanagement tools allows more efficient use of server resources.

The servers 106 of each machine farm 38 do not need to be physicallyproximate to another server 106 in the same machine farm 38. Thus, thegroup of servers 106 logically grouped as a machine farm 38 can beinterconnected using a wide-area network (WAN) connection or ametropolitan-area network (MAN) connection. For example, a machine farm38 can include servers 106 physically located in different continents ordifferent regions of a continent, country, state, city, campus, or room.Data transmission speeds between servers 106 in the machine farm 38 canbe increased if the servers 106 are connected using a local-area network(LAN) connection or some form of direct connection. Additionally, aheterogeneous machine farm 38 can include one or more servers 106operating according to a type of operating system, while one or moreother servers 106 execute one or more types of hypervisors rather thanoperating systems. In these implementations, hypervisors can be used toemulate virtual hardware, partition physical hardware, virtualizephysical hardware, and execute virtual machines that provide access tocomputing environments, allowing multiple operating systems to runconcurrently on a host computer. Native hypervisors can run directly onthe host computer. Hypervisors can include VMware ESX/ESXi, manufacturedby VMWare, Inc., of Palo Alto, California; the Xen hypervisor, an opensource product whose development is overseen by Citrix Systems, Inc.;the HYPER-V hypervisors provided by Microsoft or others. Hostedhypervisors can run within an operating system on a second softwarelevel. Examples of hosted hypervisors can include VMware Workstation andVIRTUALBOX.

Management of the machine farm 38 can be de-centralized. For example,one or more servers 106 can comprise components, subsystems and modulesto support one or more management services for the machine farm 38. Inone of these implementations, one or more servers 106 providefunctionality for management of dynamic data, including techniques forhandling failover, data replication, and increasing the robustness ofthe machine farm 38. Each server 106 can communicate with a persistentstore and, in some implementations, with a dynamic store.

Server 106 can be a file server, application server, web server, proxyserver, appliance, network appliance, gateway, gateway server,virtualization server, deployment server, SSL VPN server, or firewall.In one implementation, the server 106 can be referred to as a remotemachine or a node. In another implementation, a plurality of nodes 290can be in the path between any two communicating servers.

Referring to FIG. 1B, a cloud computing environment is depicted. A cloudcomputing environment can provide client 102 with one or more resourcesprovided by a network environment. The cloud computing environment caninclude one or more clients 102 a-102 n, in communication with the cloud108 over one or more networks 104. Clients 102 can include, e.g., thickclients, thin clients, and zero clients. A thick client can provide atleast some functionality even when disconnected from the cloud 108 orservers 106. A thin client or a zero client can depend on the connectionto the cloud 108 or server 106 to provide functionality. A zero clientcan depend on the cloud 108 or other networks 104 or servers 106 toretrieve operating system data for the client device. The cloud 108 caninclude back end platforms, e.g., servers 106, storage, server farms ordata centers.

The cloud 108 can be public, private, or hybrid. Public clouds caninclude public servers 106 that are maintained by third parties to theclients 102 or the owners of the clients. The servers 106 can be locatedoff-site in remote geographical locations as disclosed above orotherwise. Public clouds can be connected to the servers 106 over apublic network. Private clouds can include private servers 106 that arephysically maintained by clients 102 or owners of clients. Privateclouds can be connected to the servers 106 over a private network 104.Hybrid clouds 108 can include both the private and public networks 104and servers 106.

The cloud 108 can also include a cloud based delivery, e.g. Software asa Service (SaaS) 110, Platform as a Service (PaaS) 112, andInfrastructure as a Service (IaaS) 114. IaaS can refer to a user rentingthe use of infrastructure resources that are needed during a specifiedtime period. IaaS providers can offer storage, networking, servers orvirtualization resources from large pools, allowing the users to quicklyscale up by accessing more resources as needed. Examples of IaaS caninclude infrastructure and services (e.g., EG-32) provided by OVHHOSTING of Montreal, Quebec, Canada, AMAZON WEB SERVICES provided byAmazon.com, Inc., of Seattle, Washington, RACKSPACE CLOUD provided byRackspace US, Inc., of San Antonio, Texas, Google Compute Engineprovided by Google Inc. of Mountain View, California, or RIGHTSCALEprovided by RightScale, Inc., of Santa Barbara, California PaaSproviders can offer functionality provided by IaaS, including, e.g.,storage, networking, servers or virtualization, as well as additionalresources such as, e.g., the operating system, middleware, or runtimeresources. Examples of PaaS include WINDOWS AZURE provided by MicrosoftCorporation of Redmond, Washington, Google App Engine provided by GoogleInc., and HEROKU provided by Heroku, Inc. of San Francisco, CaliforniaSaaS providers can offer the resources that PaaS provides, includingstorage, networking, servers, virtualization, operating system,middleware, or runtime resources. In some implementations, SaaSproviders can offer additional resources including, e.g., data andapplication resources. Examples of SaaS include GOOGLE APPS provided byGoogle Inc., SALESFORCE provided by Salesforce.com Inc. of SanFrancisco, California, or OFFICE 365 provided by Microsoft Corporation.Examples of SaaS can also include data storage providers, e.g. DROPBOXprovided by Dropbox, Inc. of San Francisco, California, MicrosoftSKYDRIVE provided by Microsoft Corporation, Google Drive provided byGoogle Inc., or Apple ICLOUD provided by Apple Inc. of Cupertino,California.

Clients 102 can access IaaS resources with one or more IaaS standards,including, e.g., Amazon Elastic Compute Cloud (EC2), Open CloudComputing Interface (OCCI), Cloud Infrastructure Management Interface(CIMI), or OpenStack standards. Some IaaS standards can allow clientsaccess to resources over HTTP, and can use Representational StateTransfer (REST) protocol or Simple Object Access Protocol (SOAP).Clients 102 can access PaaS resources with different PaaS interfaces.Some PaaS interfaces use HTTP packages, standard Java APIs, JavaMailAPI, Java Data Objects (JDO), Java Persistence API (JPA), Python APIs,web integration APIs for different programming languages including,e.g., Rack for Ruby, WSGI for Python, or PSGI for Perl, or other APIsthat can be built on REST, HTTP, XML, or other protocols. Clients 102can access SaaS resources through the use of web-based user interfaces,provided by a web browser (e.g. GOOGLE CHROME, Microsoft INTERNETEXPLORER, or Mozilla Firefox provided by Mozilla Foundation of MountainView, California). Clients 102 can also access SaaS resources throughsmartphone or tablet applications, including, e.g., Salesforce SalesCloud, or Google Drive app. Clients 102 can also access SaaS resourcesthrough the client operating system, including, e.g., Windows filesystem for DROPBOX.

In some implementations, access to IaaS, PaaS, or SaaS resources can beauthenticated. For example, a server or authentication server canauthenticate a user via security certificates, HTTPS, or API keys. APIkeys can include various encryption standards such as, e.g., AdvancedEncryption Standard (AES). Data resources can be sent over TransportLayer Security (TLS) or Secure Sockets Layer (SSL).

The client 102 and server 106 can be deployed as and/or executed on anytype and form of computing device, e.g. a computer, network device orappliance capable of communicating on any type and form of network andperforming the operations described herein. FIGS. 1C and 1D depict blockdiagrams of a computing device 100 useful for practicing animplementation of the client 102 or a server 106. As shown in FIGS. 1Cand 1D, each computing device 100 includes a central processing unit121, and a main memory unit 122. As shown in FIG. 1C, a computing device100 can include a storage device 128, an installation device 116, anetwork interface 118, an I/O controller 123, display devices 124 a-124n, a keyboard 126 and a pointing device 127, e.g. a mouse. The storagedevice 128 can include, without limitation, an operating system,software, and a software of data processing system (DPS) 120. As shownin FIG. 1D, each computing device 100 can also include additionaloptional elements, e.g. a memory port 103, a bridge 170, one or moreinput/output devices 130 a-130 n (generally referred to using referencenumeral 130), and a cache memory 140 in communication with the centralprocessing unit 121.

The central processing unit 121 is any logic circuitry that responds toand processes instructions fetched from the main memory unit 122. Inmany implementations, the central processing unit 121 is provided by amicroprocessor unit, e.g.: those manufactured by Intel Corporation ofMountain View, California; those manufactured by Motorola Corporation ofSchaumburg, Illinois; the ARM processor and TEGRA system on a chip (SoC)manufactured by Nvidia of Santa Clara, California; the POWER7 processor,those manufactured by International Business Machines of White Plains,New York; or those manufactured by Advanced Micro Devices of Sunnyvale,California. The computing device 100 can be based on any of theseprocessors, or any other processor capable of operating as describedherein. The central processing unit 121 can utilize instruction levelparallelism, thread level parallelism, different levels of cache, andmulti-core processors. A multi-core processor can include two or moreprocessing units on a single computing component. Examples of multi-coreprocessors include the AMD PHENOM IIX2, INTEL CORE i5 and INTEL CORE i7.

Main memory unit 122 can include one or more memory chips capable ofstoring data and allowing any storage location to be directly accessedby the microprocessor 121. Main memory unit 122 can be volatile andfaster than storage 128 memory. Main memory units 122 can be Dynamicrandom access memory (DRAM) or any variants, including static randomaccess memory (SRAM), Burst SRAM or SynchBurst SRAM (B SRAM), Fast PageMode DRAM (FPM DRAM), Enhanced DRAM (EDRAM), Extended Data Output RAM(EDO RAM), Extended Data Output DRAM (EDO DRAM), Burst Extended DataOutput DRAM (BEDO DRAM), Single Data Rate Synchronous DRAM (SDR SDRAM),Double Data Rate SDRAM (DDR SDRAM), Direct Rambus DRAM (DRDRAM), orExtreme Data Rate DRAM (XDR DRAM). In some implementations, the mainmemory 122 or the storage 128 can be non-volatile; e.g., non-volatileread access memory (NVRAM), flash memory non-volatile static RAM(nvSRAM), Ferroelectric RAM (FeRAM), Magnetoresistive RAM (MRAM),Phase-change memory (PRAM), conductive-bridging RAM (CBRAM),Silicon-Oxide-Nitride-Oxide-Silicon (SONOS), Resistive RAM (RRAM),Racetrack, Nano-RAM (NRAM), or Millipede memory. The main memory 122 canbe based on any of the above described memory chips, or any otheravailable memory chips capable of operating as described herein. In theimplementation shown in FIG. 1C, the processor 121 communicates withmain memory 122 via a system bus 150 (described in more detail below).FIG. 1D depicts an implementation of a computing device 100 in which theprocessor communicates directly with main memory 122 via a memory port103. For example, in FIG. 1D the main memory 122 can be DRDRAM.

FIG. 1D depicts an implementation in which the main processor 121communicates directly with cache memory 140 via a secondary bus,sometimes referred to as a backside bus. In other implementations, themain processor 121 communicates with cache memory 140 using the systembus 150. Cache memory 140 typically has a faster response time than mainmemory 122 and is typically provided by SRAM, BSRAM, or EDRAM. In theimplementation shown in FIG. 1D, the processor 121 communicates withvarious I/O devices 130 via a local system bus 150. Various buses can beused to connect the central processing unit 121 to any of the I/Odevices 130, including a PCI bus, a PCI-X bus, or a PCI-Express bus, ora NuBus. For implementations in which the I/O device is a video display124, the processor 121 can use an Advanced Graphics Port (AGP) tocommunicate with the display 124 or the I/O controller 123 for thedisplay 124. FIG. 1D depicts an implementation of a computer 100 inwhich the main processor 121 communicates directly with I/O device 130 bor other processors 121′ via HYPERTRANSPORT, RAPIDIO, or INFINIBANDcommunications technology. FIG. 1D also depicts an implementation inwhich local busses and direct communication are mixed: the processor 121communicates with I/O device 130 a using a local interconnect bus whilecommunicating with I/O device 130 b directly.

A wide variety of I/O devices 130 a-130 n can be present in thecomputing device 100. Input devices can include keyboards, mice,trackpads, trackballs, touchpads, touch mice, multi-touch touchpads andtouch mice, microphones, multi-array microphones, drawing tablets,cameras, single-lens reflex camera (SLR), digital SLR (DSLR), CMOSsensors, accelerometers, infrared optical sensors, pressure sensors,magnetometer sensors, angular rate sensors, depth sensors, proximitysensors, ambient light sensors, gyroscopic sensors, or other sensors.Output devices can include video displays, graphical displays, speakers,headphones, inkjet printers, laser printers, and 3D printers.

Devices 130 a-130 n can include a combination of multiple input oroutput devices, including, e.g., Microsoft KINECT, Nintendo Wiimote forthe WII, Nintendo WII U GAMEPAD, or Apple IPHONE. Some devices 130 a-130n allow gesture recognition inputs through combining some of the inputsand outputs. Some devices 130 a-130 n provides for facial recognitionwhich can be utilized as an input for different purposes includingauthentication and other commands. Some devices 130 a-130 n provides forvoice recognition and inputs, including, e.g., Microsoft KINECT, SIRIfor IPHONE by Apple, Google Now or Google Voice Search.

Additional devices 130 a-130 n have both input and output capabilities,including, e.g., haptic feedback devices, touchscreen displays, ormulti-touch displays. Touchscreen, multi-touch displays, touchpads,touch mice, or other touch sensing devices can use differenttechnologies to sense touch, including, e.g., capacitive, surfacecapacitive, projected capacitive touch (PCT), in-cell capacitive,resistive, infrared, waveguide, dispersive signal touch (DST), in-celloptical, surface acoustic wave (SAW), bending wave touch (BWT), orforce-based sensing technologies. Some multi-touch devices can allow twoor more contact points with the surface, allowing advanced functionalityincluding, e.g., pinch, spread, rotate, scroll, or other gestures. Sometouchscreen devices, including, e.g., Microsoft PIXELSENSE orMulti-Touch Collaboration Wall, can have larger surfaces, such as on atable-top or on a wall, and can also interact with other electronicdevices. Some I/O devices 130 a-130 n, display devices 124 a-124 n orgroup of devices can be augment reality devices. The I/O devices can becontrolled by an I/O controller 123 as shown in FIG. 1C. The I/Ocontroller can control one or more I/O devices, such as, e.g., akeyboard 126 and a pointing device 127, e.g., a mouse or optical pen.Furthermore, an I/O device can also provide storage and/or aninstallation medium 116 for the computing device 100. In still otherimplementations, the computing device 100 can provide USB connections(not shown) to receive handheld USB storage devices. In furtherimplementations, an I/O device 130 can be a bridge between the systembus 150 and an external communication bus, e.g. a USB bus, a SCSI bus, aFireWire bus, an Ethernet bus, a Gigabit Ethernet bus, a Fibre Channelbus, or a Thunderbolt bus.

In some implementations, display devices 124 a-124 n can be connected toI/O controller 123. Display devices can include, e.g., liquid crystaldisplays (LCD), thin film transistor LCD (TFT-LCD), blue phase LCD,electronic papers (e-ink) displays, flexile displays, light emittingdiode displays (LED), digital light processing (DLP) displays, liquidcrystal on silicon (LCOS) displays, organic light-emitting diode (OLED)displays, active-matrix organic light-emitting diode (AMOLED) displays,liquid crystal laser displays, time-multiplexed optical shutter (TMOS)displays, or 3D displays. Examples of 3D displays can use, e.g.stereoscopy, polarization filters, active shutters, or autostereoscopy.Display devices 124 a-124 n can also be a head-mounted display (HMD). Insome implementations, display devices 124 a-124 n or the correspondingI/O controllers 123 can be controlled through or have hardware supportfor OPENGL or DIRECTX API or other graphics libraries.

In some implementations, the computing device 100 can include or connectto multiple display devices 124 a-124 n, which each can be of the sameor different type and/or form. As such, any of the I/O devices 130 a-130n and/or the I/O controller 123 can include any type and/or form ofsuitable hardware, software, or combination of hardware and software tosupport, enable or provide for the connection and use of multipledisplay devices 124 a-124 n by the computing device 100. For example,the computing device 100 can include any type and/or form of videoadapter, video card, driver, and/or library to interface, communicate,connect or otherwise use the display devices 124 a-124 n. In oneimplementation, a video adapter can include multiple connectors tointerface to multiple display devices 124 a-124 n. In otherimplementations, the computing device 100 can include multiple videoadapters, with each video adapter connected to one or more of thedisplay devices 124 a-124 n. In some implementations, any portion of theoperating system of the computing device 100 can be configured for usingmultiple displays 124 a-124 n. In other implementations, one or more ofthe display devices 124 a-124 n can be provided by one or more othercomputing devices 100 a or 100 b connected to the computing device 100,via the network 104. In some implementations software can be designedand constructed to use another computer's display device as a seconddisplay device 124 a for the computing device 100. For example, in oneimplementation, an Apple iPad can connect to a computing device 100 anduse the display of the device 100 as an additional display screen thatcan be used as an extended desktop. One ordinarily skilled in the artwill recognize and appreciate the various ways and implementations thata computing device 100 can be configured to have multiple displaydevices 124 a-124 n.

Referring again to FIG. 1C, the computing device 100 can comprise astorage device 128 (e.g. one or more hard disk drives or redundantarrays of independent disks) for storing an operating system or otherrelated software, and for storing application software programs such asany program related to the software 120 for the centralized stateprocessing system. Examples of storage device 128 include, e.g., harddisk drive (HDD); optical drive including CD drive, DVD drive, orBLU-RAY drive; solid-state drive (SSD); USB flash drive; or any otherdevice suitable for storing data. Some storage devices can includemultiple volatile and non-volatile memories, including, e.g., solidstate hybrid drives that combine hard disks with solid state cache. Somestorage device 128 can be non-volatile, mutable, or read-only. Somestorage device 128 can be internal and connect to the computing device100 via a bus 150. Some storage device 128 can be external and connectto the computing device 100 via a I/O device 130 that provides anexternal bus. Some storage device 128 can connect to the computingdevice 100 via the network interface 118 over a network 104, including,e.g., the Remote Disk for MACBOOK AIR by Apple. Some client devices 100may not require a non-volatile storage device 128 and can be thinclients or zero clients 102. Some storage device 128 can also be used asan installation device 116, and can be suitable for installing softwareand programs. Additionally, the operating system and the software can berun from a bootable medium, for example, a bootable CD, e.g. KNOPPIX, abootable CD for GNU/Linux that is available as a GNU/Linux distributionfrom knoppix.net.

Client device 100 can also install software or application from anapplication distribution platform. Examples of application distributionplatforms include the App Store for iOS provided by Apple, Inc., the MacApp Store provided by Apple, Inc., GOOGLE PLAY for Android OS providedby Google Inc., Chrome Webstore for CHROME OS provided by Google Inc.,and Amazon Appstore for Android OS and KINDLE FIRE provided byAmazon.com, Inc. An application distribution platform can facilitateinstallation of software on a client device 102. An applicationdistribution platform can include a repository of applications on aserver 106 or a cloud 108, which the clients 102 a-102 n can access overa network 104. An application distribution platform can includeapplication developed and provided by various developers. A user of aclient device 102 can select, purchase and/or download an applicationvia the application distribution platform.

Furthermore, the computing device 100 can include a network interface118 to interface to the network 104 through a variety of connectionsincluding, but not limited to, standard telephone lines LAN or WAN links(e.g., 802.11, T1, T3, Gigabit Ethernet, Infiniband), broadbandconnections (e.g., ISDN, Frame Relay, ATM, Gigabit Ethernet,Ethernet-over-SONET, ADSL, VDSL, BPON, GPON, fiber optical includingFiOS), wireless connections, or some combination of any or all of theabove. Connections can be established using a variety of communicationprotocols (e.g., TCP/IP, Ethernet, ARCNET, SONET, SDH, Fiber DistributedData Interface (FDDI), IEEE 802.11a/b/g/n/ac CDMA, GSM, WiMax and directasynchronous connections). In one implementation, the computing device100 communicates with other computing devices 100′ via any type and/orform of gateway or tunneling protocol e.g. Secure Socket Layer (SSL) orTransport Layer Security (TLS), or the Citrix Gateway Protocolmanufactured by Citrix Systems, Inc. of Ft. Lauderdale, Florida. Thenetwork interface 118 can comprise a built-in network adapter, networkinterface card, PCMCIA network card, EXPRESSCARD network card, card busnetwork adapter, wireless network adapter, USB network adapter, modem orany other device suitable for interfacing the computing device 100 toany type of network capable of communication and performing theoperations described herein.

A computing device 100 of the sort depicted in FIGS. 1B and 1C canoperate under the control of an operating system, which controlsscheduling of tasks and access to system resources. The computing device100 can be running any operating system such as any of the versions ofthe MICROSOFT WINDOWS operating systems, the different releases of theUnix and Linux operating systems, any version of the MAC OS forMacintosh computers, any embedded operating system, any real-timeoperating system, any open source operating system, any proprietaryoperating system, any operating systems for mobile computing devices, orany other operating system capable of running on the computing deviceand performing the operations described herein. Typical operatingsystems include, but are not limited to: WINDOWS 2000, WINDOWS Server2012, WINDOWS CE, WINDOWS Phone, WINDOWS XP, WINDOWS VISTA, and WINDOWS7, WINDOWS RT, and WINDOWS 8 all of which are manufactured by MicrosoftCorporation of Redmond, Washington; MAC OS and iOS, manufactured byApple, Inc. of Cupertino, California; and Linux, a freely-availableoperating system, e.g. Linux Mint distribution (“distro”) or Ubuntu,distributed by Canonical Ltd. of London, United Kingdom; or Unix orother Unix-like derivative operating systems; and Android, designed byGoogle, of Mountain View, California, among others. Some operatingsystems, including, e.g., the CHROME OS by Google, can be used on zeroclients or thin clients, including, e.g., CHROMEBOOKS.

The computer system 100 can be any workstation, telephone, desktopcomputer, laptop or notebook computer, netbook, ULTRABOOK, tablet,server, handheld computer, mobile telephone, smartphone or otherportable telecommunications device, media playing device, a gamingsystem, mobile computing device, or any other type and/or form ofcomputing, telecommunications or media device that is capable ofcommunication. The computer system 100 has sufficient processor powerand memory capacity to perform the operations described herein. In someimplementations, the computing device 100 can have different processors,operating systems, and input devices consistent with the device. TheSamsung GALAXY smartphones, e.g., operate under the control of Androidoperating system developed by Google, Inc. GALAXY smartphones receiveinput via a touch interface.

In some implementations, the computing device 100 is a gaming system.For example, the computer system 100 can comprise a PLAYSTATION 3, orPERSONAL PLAYSTATION PORTABLE (PSP), or a PLAYSTATION VITA devicemanufactured by the Sony Corporation of Tokyo, Japan, a NINTENDO DS,NINTENDO 3DS, NINTENDO WII, or a NINTENDO WII U device manufactured byNintendo Co., Ltd., of Kyoto, Japan, an XBOX 360 device manufactured bythe Microsoft Corporation of Redmond, Washington.

In some implementations, the computing device 100 is a digital audioplayer such as the Apple IPOD, IPOD Touch, and IPOD NANO lines ofdevices, manufactured by Apple Computer of Cupertino, California Somedigital audio players can have other functionality, including, e.g., agaming system or any functionality made available by an application froma digital application distribution platform. For example, the IPOD Touchcan access the Apple App Store. In some implementations, the computingdevice 100 is a portable media player or digital audio player supportingfile formats including, but not limited to, MP3, WAV, M4A/AAC, WMAProtected AAC, AIFF, Audible audiobook, Apple Lossless audio fileformats and .mov, .m4v, and .mp4 MPEG-4 (H.264/MPEG-4 AVC) video fileformats.

In some implementations, the computing device 100 is a tablet e.g. theIPAD line of devices by Apple; GALAXY TAB family of devices by Samsung;or KINDLE FIRE, by Amazon.com, Inc. of Seattle, Washington In otherimplementations, the computing device 100 is an eBook reader, e.g. theKINDLE family of devices by Amazon.com, or NOOK family of devices byBarnes & Noble, Inc. of New York City, New York.

In some implementations, the communications device 102 includes acombination of devices, e.g. a smartphone combined with a digital audioplayer or portable media player. For example, one of theseimplementations is a smartphone, e.g. the IPHONE family of smartphonesmanufactured by Apple, Inc.; a Samsung GALAXY family of smartphonesmanufactured by Samsung, Inc.; or a Motorola DROID family ofsmartphones. In yet another implementation, the communications device102 is a laptop or desktop computer equipped with a web browser and amicrophone and speaker system, e.g. a telephony headset. In theseimplementations, the communications devices 102 are web-enabled and canreceive and initiate phone calls. In some implementations, a laptop ordesktop computer is also equipped with a webcam or other video capturedevice that enables video chat and video call.

In some implementations, the status of one or more machines 102, 106 inthe network 104 are monitored, generally as part of network management.In one of these implementations, the status of a machine can include anidentification of load information (e.g., the number of processes on themachine, CPU and memory utilization), of port information (e.g., thenumber of available communication ports and the port addresses), or ofsession status (e.g., the duration and type of processes, and whether aprocess is active or idle). In another of these implementations, thisinformation can be identified by a plurality of metrics, and theplurality of metrics can be applied at least in part towards decisionsin load distribution, network traffic management, and network failurerecovery as well as any aspects of operations of the present solutiondescribed herein. Aspects of the operating environments and componentsdescribed above will become apparent in the context of the systems andmethods disclosed herein.

B. Generation of a Real-Time Trigger Based Digital Feed

Systems and methods in accordance with present implementations cangenerate opportunities for consuming healthcare products and servicesbased on detecting various promotions, prices, accounts, or productofferings by a number of healthcare support services. Presentimplementations can detect state or change in of particular promotions,prices, accounts, or product offerings linked to a healthcareparticipant and present opportunities for interacting with thosepromotions, prices, accounts, or product offerings, allowing a user toselect one or more of those opportunities and, in response, to modify ahealthcare service or modify a pattern of product consumptionindividualized to that user. Present implementations can thus include amicroservices engine to coordinate and control interaction with thirdparty system, an opportunity engine 340 to generate and controlopportunity objects associated with third party systems, a securityengine 350 to permit and restrict communication with third party systemsand participant systems, and a system scheduler 360 to synchronize andmanage operations of the data processing system.

Referring now to FIG. 2 , a block diagram depicting an implementation ofa system 200 comprising a centralized state processing system is shown.In brief overview, the system 200 can include a data processing system120 (“DPS”) that can receive and/or transmit data via a network 104 withparticipant computing devices 232 a-n, third-party administrator devices240 a-n, employer devices 238 a-n, point-of-sale terminals 236 a-n, orheterogeneous electronic funding sources 234 a-n. The DPS 120 caninclude a communications interface 204 that is configured with one ormore communications ports, application programming interfaces, networkprotocols (e.g., TCP/IP), authentication protocols, or securityprotocols (e.g., SSL). The DPS 120 can include, interface with, orotherwise access a gateway engine 310 that controls communicationbetween the DPS 120 and heterogeneous nodes including but not limited tothe participant computing devices 232 a-n, third-party administratordevices 240 a-n, employer devices 238 a-n, point-of-sale terminals 236a-n, and heterogeneous electronic funding sources 234 a-n. The DPS 120can include, interface with, or otherwise access a microservices engine320 that controls communications within the DPS 120 and betweencomponents thereof in accordance with one or more microservicecommunication criteria, objects, protocols, or any combination thereof,for example. The DPS 120 can include, interface with, or otherwiseaccess an opportunity engine 340 that analyzes, transmits, executes, orany combination thereof, for example, opportunity objects. The DPS 120can include, interface with, or otherwise access a security engine 350that controls one or more security, encryption, authentication,authorization, credentialing, or like operations, including but notlimited to one or more policies, rules, restrictions, challenges, or anycombination thereof, for example. The DPS 120 can include, interfacewith, or otherwise access a system scheduler 360 that controlsasynchronous, processing, batch processing, or any combination thereof,for example associated with at least one of the DPS 120 and themicroservices engine 320. The DPS 120 can include one or more databasesor data structures that store information to facilitate the systems andmethods of the present solution, such as database 330. The database 330can include data structures, files or otherwise categorize informationinto different databases based at least partially by object. Thedatabase 330 can also include one or more policies, profiles, merchantinformation, or historical transaction activity, or any combinationthereof, for example.

The system 120, gateway engine 310, microservices engine 320,opportunity engine 340, security engine 350, and system scheduler 360can each include one or more processing units or other logic devicessuch as programmable logic array engines, modules, or circuitry designedand constructed to facilitate managing security on a networkinfrastructure. The DPS 120 can include the components 100 shown in FIG.1C or FIG. 1D, or be configured to operate as a service in cloud 108.The DPS 120 can include or interact with one or more servers 106 a-n andclients 102 a-n. The participant computing devices 232 a-n, POSterminals 236 a-n, employer devices 238 a-n, TPA devices 240 a-n, orheterogeneous electronic funding sources 234 a-n can each include one ormore component or functionality of client computing devices 102 a-n orserver 106 a-n.

In some implementations, the DPS 120 can employ a multitier architecturesuch as a client-server architecture in which presentation, applicationprocessing, and data management functions are logically or physicallyseparated. The presentation tier, or front-end, can include thecommunications interface 204 that can serve static content or dynamiccontent to be rendered by the client 102 (e.g., by a web browserexecuting on client 102). The presentation tier or web server caninteract or communicate with the application tier to obtain data toprovide to the client 102, computing devices, 232 a-n, TPA devices 240a-n, employer devices 238 a-n, funding sources 234 a-n, or POS terminals120 a-n. The application tier can include the event control engine 310and the opportunity engine 320. The application tier can interact withthe data tier to obtain the transaction data. The data tier can includedata persistence mechanisms (database servers, file shares, etc.) andthe data access layer that encapsulates the persistence mechanisms andexposes the data. The data tier can include databases 214. The data tiercan include an application programming interface (API) to theapplication tier. The databases 214 can include stored procedures (e.g.,SQL statements) that perform tasks with respect the stored data.

The system 200 can include, access, or otherwise communicate with one ormore third-party administrator (“TPA”) devices 240 a-n. A TPA can referto an organization that processes insurance claims or certain aspects ofemployee benefit plans for a separate entity. A TPA can refer toorganizations within the insurance industry which “administer” otherservices such as Underwriting or Customer Service. In some cases, a TPAcan handle the claims processing for employers 238 a-n that self-insuresits employees 232 a-n. Thus, the employers 238 a-n are acting as aninsurance company and underwrites the risk. The risk of loss can remainswith the employer 238 a-n, and not with the TPA 240 a-n. An insurancecompany may also use a TPA 240 a-n to manage its claims processing,provider networks, utilization review, or membership functions. The TPA240 a-n can handle many aspects of other employee benefit plans such asthe processing of retirement plans and flexible spending accounts. Manyemployee benefit plans have highly technical aspects and difficultadministration that can make using a specialized entity such as a TPA240 a-n more cost effective than doing the same processing in house.

In the health care industry, for example, TPAs 240 a-n can administerall or a portion of the claims process. TPAs 240 a-n can be contractedby a health insurer or self-insuring companies to administer services,including claims administration, premium collection, enrollment andother administrative activities. For example, an employer 238 a-n maychoose to help finance the health care costs of its employees 232 a-n bycontracting with a TPA 240 a-n to administer many aspects of aself-funded health care plan.

Administrators, such as companies or health insurance providers, canestablish electronic benefits accounts such as flexible spendingaccounts or healthcare tax benefit accounts (e.g., health savingsaccounts) for participants such as employees, subscribers, or customers.These electronic benefits accounts can provide a tax advantage for theparticipants. Administrators that establish or provide electronic taxbenefits accounts for various participants of those accounts can utilizebackend information technology infrastructure to process, analyze,monitor or manage the electronic tax benefits accounts. The tax benefitmanagement information technology infrastructure can be configured withprocessing rules that are applied to electronic transactions. Electronictransactions can include allocating funds to the tax benefit account,withdrawing funds from the tax benefit account, making a purchase withfunds from the tax benefit account, modifying a profile of the taxbenefit account, or submitting a claim. The management informationtechnology infrastructure can apply one or more rules to each type oftransaction to determine an event. As the types of transactions andrules increase in number and complexity, the types and events can alsoincrease in number and complexity, thereby consuming an increasingamount of resources of the information technology infrastructure. Forexample, events such as a card denial increases the number oftransaction attempts, communications with the server, account resets,profile corruption, or resources consumed by a point-of-sale deviceinitiating the transaction.

The employer devices 238 a-n can refer to a device used by an entity ororganization that is associated with the participant computing devices232 a-n of the employees of the employer. For example, Employer A can bea software company that has a thousand employees associated with theparticipant computing devices 232 a-n. The employees can obtain healthcare or other services, and pay for those services at a POS terminal 236a-n of the service provider.

Data packets can be generated by a device 240 a-n at an administrator.The device can refer to an administrator device (“administrator device”)such as administrator device 240 a-n. The administrator device 240 a-nmay monitor data from the various electronic benefits accountsassociated with the administrator. The accounts associated with theadministrator may be accounts that are managed or maintained by theadministrator. The administrator may be a point of contact for customersor participants of the associated accounts. In some implementations, theclient 102, which may correspond to an individual participant of theadministrator's electronic benefits account, may access the account andperform a number of actions with respect to the account, such as, fundthe account (e.g., via heterogeneous electronic funding sources 234a-n), withdraw from the account, charge the account, or any combinationthereof, for example. The administrator of the electronic benefitsaccount, as the caretaker of the account, may adjust parametersassociated with the account, such as, monthly fees, minimum runningbalances, etc. At the same time, the DPS 120 may monitor the data,parameters, and performance of the account and store the informationunder an administrator profile associated with the administrator of theaccount. The DPS 120 may receive the data associated with the individualparticipants and their individual accounts from the client's 102 and theparameter data associated with the accounts from the administratordevice 240 a-n via the network 104.

An administrator device 240 a-n can be the place where an administratormay perform various functions of the administrator, for example,functions associated with electronic benefits accounts of theadministrator. The administrator device 240 a-n is the point at anadministrator that may send requests or transaction information to theDPS 120 for further processing or data collection. The administratordevice 240 a-n may also be configured to transmit an identifierassociated with the administrator corresponding to the administratordevice 240 a-n for identification by the DPS 120. In someimplementations, the receiving of the identifier initiates a frauddetection and control process.

The administrator device 240 a-n can include hardware and software.Administrators can utilize scanners, EFTPOS terminals, touch screens andany other wide variety of hardware and software available for use withadministrator device 240 a-n. For example, an administrator can usesoftware to make adjustments to parameters associated with theirelectronic benefits accounts.

The administrator device 240 a-n can include advanced features to caterto different functionality, such as account participant forecasts andestimates, account simulation, communication with participants ofaccounts, performing actions associated with individual participantaccounts (e.g., freezing an account), collecting data from one or moreof the participant accounts, etc., all built into the administratorsoftware. The administrator device 240 a-n can be configured to executeuser-input commands with respect to the electronic benefits accounts ofthe administrator.

In some implementations, the communication interface 204 can receivedata packets. The data packets can carry one or more electronictransactions. In some cases, the data packets can carry multipleelectronic transactions. In some cases, the data packets can be receivedover a duration of time. The electronic transactions can occur over theduration of time. In some cases, the electronic transaction informationcarried via the data packets can be received by the DPS 120 inreal-time, such as responsive to the occurrence of the electronictransaction. Real-time or near-real-time communication can include, butis not limited to, reducing or eliminating latency of or delay incommunication to below a perceivable level by a user. As one example,latency or delay can be introduced by incompatibilities betweenthird-party computing systems, or databases, and can be reduced oreliminated by interconnection of those systems or databases throughautomated communication interfaces compatible with both. In some cases,the DPS 120 can receive the information about the electronictransactions in a bulk upload or batch upload. Receiving the informationabout the electronic transaction sin a bulk upload or batch upload canreduce computing resource utilization or network bandwidth usage,thereby improving the efficiency of the DPS 120. For example, theprovider of the information about the electronic transactions cancompress the information and generate data packets carrying thecompressed information in a single batch or bulk transmission, therebyreducing network bandwidth utilization.

The electronic transaction information carried via the data packets caninclude information that facilitates performance of the electronictransaction, or analyzing the electronic transaction to detectfraudulent activity. The electronic transaction can a source identifierpointing to a data structure storing a resource, a destinationidentifier corresponding to a data structure to transfer the resource,and an intermediary identifier corresponding to an entity that providesat least a portion of the resource stored in the data structure. Thesource identifier can refer to an account identifier that contains theresource being transferred from a source to a destination. The sourceidentifier can refer to an account of an employee of an employer. Thesource identifier can correspond to an account associated with aparticipant computing device 232. The resource can correspond to anelectronic resource or physical resource being represented in anelectronic form. The resource can refer to or include a token, currency,points, or other resource that can be transferred from the source to adestination. The destination identifier an correspond to an entity ororganization receiving the resource. The destination identifier cancorrespond to a provider of a service or good that is receiving theresource in return for performing the service or providing the good tothe employee. The intermediary identifier can correspond to an entitythat stores, holds, manages, provides, or maintains the resource. Theintermediary identifier can refer to or correspond to the employerdevice 238 a-n, a heterogeneous electronic funding source 234 a-n or TPA240 a-n.

An identifier corresponding to a data structure can refer to or includean identifier pointing to a data structure, such as a memory pointer.The identifier corresponding to a data structure can refer to or includean identifier used by a lookup to retrieve, identify, access or selectthe data structure. The identifier can label the data structure. Theidentifier can be mapped to the data structure.

The data packets or electronic transaction can be generated by a deviceat a merchant to conduct an electronic transaction at the merchant. Thedevice can refer to a point of sale terminal (“POS terminal”) such asPOS terminal 236 a-n. In some implementations, the POS terminals 236 a-nare the devices at which retail transactions are initiated. The POSterminals 236 a-n are the points at which a customer of the entity ormerchant makes a payment to the merchant in exchange for goods orservices. At the point of sale the merchant can calculate the amountowed by the customer and provide options for the customer to makepayment. The merchant can also issue a receipt for the transaction.

The POS terminal 236 a-n can include hardware and software. Merchantscan utilize weighing scales, scanners, electronic and manual cashregisters, EFTPOS terminals, touch screens and any other wide variety ofhardware and software available for use with POS terminal 236 a-n. Forexample, a pharmacy can use software to customize the item or servicesold when a customer has a special medication request.

The POS terminal 236 a-n can include advanced features to cater todifferent functionality, such as inventory management, CRM, financials,warehousing, flexible spending account transactions, etc., all builtinto the POS software. The POS terminal 236 a-n can be configured toconduct a transactions using a debit card, multipurse card, Bluetooth,near field communications, smartphone, smartwatch, mobiletelecommunications computing device, wearable communications, RFID, etc.

The DPS 120 can include a communications interface 204. Thecommunications interface 204 can execute on one or more processors of aserver. The communications interface 204 can include one or morecommunications ports and be configured with one or more networkprotocols. Communications ports can include, e.g., network ports,Ethernet ports, WAN ports, I/O ports, or software ports. Thecommunication port can be configured with a network protocol such asTransport Layer Protocols such as TCP/IP or UDP that are configured toreceive and process data packets received via a computer network. Theport can include or be associated with an IP address of a host and aprotocol type of the communication.

The communications interface 204 can receive data packets generated bythe POS terminal 236 a-n responsive to an electronic transactionresulting in transmission of a request to adjudicate a single claimagainst an electronic benefits account. In some implementations, therequest to adjudicate a single claim against the electronic benefitsaccount is transmitted responsive to a user swiping a payment card atthe POS terminal. The payment card can include identifying informationthat can be used to identify an account identifier of the electronicbenefit account (e.g., source identifier) against which to adjudicatethe claim. The data packets can include header information and payloadinformation. Multiple data packets can be strung together in a sequence.The header information can refer to TCP/IP headers that include fieldssuch as source port, destination port, sequence number, acknowledgenumber, window size, etc. The payload information of the data packet caninclude information related to the electronic transaction, the requestto adjudicate a single claim, the merchant, or the customer. The DPS 120can receive the data packet with header information and payloadinformation and process the packets to obtain information for furtherprocessing. The payload can include data identifying the POS terminal236 a-n (e.g., POS terminal 236 a) at which the electronic transactionoccurred, the merchant providing the POS terminal 236 a, a merchantcategory of the merchant, financial information associated with the userperforming the electronic transaction (e.g., via a card swipe or othercommunication technique used to perform the electronic transaction), anamount of expenditures of the electronic transaction, and otherinformation facilitating adjudication of the single claim. The datapackets (e.g., via the payload) can include the request to adjudicatethe single claim. The request can specify the electronic benefitsaccount for adjudication. The request can specify information foridentifying a policy for performing the adjudication. The payload caninclude data identifying a merchant category of the merchant, anelectronic benefits account, and a monetary amount of the electronictransaction.

The data packets can carry data identifying a merchant or merchantcategory of the merchant. In some implementations, the data carried bythe data packets include a merchant category code or identifier (e.g.,dental, medical, etc.). In some implementations, the data identifies amerchant, and the DPS 120 determines a merchant category based on theidentification of the merchant by, for example, using a merchant tomerchant category mapping or lookup table stored in database. In someimplementations, the data packets carrying the request to adjudicate thesingle claim against the electronic benefits account include a datastructure having a first field indicating a merchant identifier, asecond field indicating a total amount of expenditures, and a thirdfield indicating the electronics benefit account. In someimplementations, the data packets are generated by a merchant device(e.g., a client device 102 of a merchant) to conduct an electronictransaction at the merchant, and the data packets carry data identifyinga merchant category of the merchant, the electronic benefits accountmaintained and configured on the DPS 120, and a total monetary amount ofthe electronic transaction.

The data packets (e.g., payload of the data packets) can furtheridentify an electronic account maintained and configured on the server.The electronic account can be maintained and configured in a database214. The electronic account can correspond to a user and have a uniqueidentifier. The unique identifier can include numbers, letters,characters, symbols, etc. The electronic account can be associated withthe customer making the transaction at the merchant. The POS terminal236 a can receive or determine the electronic account identifier via acard swipe or other communication technique employed at the POS terminal236 a, which the POS 236 a can then convey to the DPS 120.

The communications interface 120 can further receive data packets (e.g.,payload information) identifying a monetary amount of the electronictransaction, such as a total amount of expenditures. The monetary amountcan be for the purchase of goods or services made at the merchant. Themonetary amount of the transaction can refer to the amount of funds inconsideration for goods or services obtained from the entity ormerchant. The merchant or entity can refer to the entity at which apoint-of-sale terminal or device used to make the transaction is locatedor with which the terminal is associated. The monetary amount can be inany currency (e.g., United States dollars) or units. The monetary amountcan be further tied to a category, such as medical services.

In some implementations, the POS terminal 236 a can generate multipledata packets for a single transaction. The multiple data packets caneach include a header and a payload. The header can indicate that themultiple data packets are to be grouped together for routing,transmission or processing purposes.

FIG. 3 illustrates an example data processing system, in accordance withpresent implementations. The example data processing system (DPS) 300can correspond to DPS 120. The DPS 120 can include one or more componentor functionality of OFS 120. The DPS 300 can include at least onegateway engine 310. The DPS 300 can include at least one microservicesengine 320. The DPS 300 can include at least one database 330. The DPS300 can include at least one opportunity engine 340. The DPS 120 caninclude at least one security engine 350. The DPS 120 can include atleast one system scheduler 360. The gateway engine 310 can include ahealth service gateway 312. The gateway engine can include a participantgateway 314.

The gateway engine 310 can generate, modify, block, transmit, or anycombination thereof, for example, communication messages between atleast the participant computing devices 232, the third partyadministrator devices 240, the microservices engine 320, the database330, the opportunity engine 340, the security engine 350, and the systemscheduler 360. The gateway engine 310 can include one or more operatingsystems, virtual machines, interpreters, or any combination thereof, forexample, to generate, modify, block, transmit, or any combinationthereof, for example, the communication messages. The gateway engine 310can include one or more logical or electronic devices including but notlimited to integrated circuits, logic gates, flip flops, gate arrays,programmable gate arrays, or any combination thereof, for example. It isto be understood that any electrical, electronic, or like devices, orcomponents associated with the gateway engine 310 can also be associatedwith, integrated with, integrable with, replaced by, supplemented by,complemented by, or any combination thereof, for example, a systemprocessor or any component thereof.

The health service gateway 312 can generate one or more communicationmessages compatible with one or more of the third party administratordevices, based on communication messages received from at least one ofthe microservices engine 320, the opportunity engine 340, the securityengine 350, and the system scheduler 360. The health service gateway 312is further operable to generate one or more communication messagescompatible with at least one of the microservices engine 320, theopportunity engine 340, the security engine 350, and the systemscheduler 360, based on communication messages received from one or moreof the third party administrator devices 240. The health service gateway312 can include at least one application programming interface (API)compatible with the third party administrator devices 240 and at leastone of the microservices engine 320, the opportunity engine 340, thesecurity engine 350, and the system scheduler 360. The health servicegateway 312 can include at least one API to interface with third partyadministrator devices 240 associated with multiple third partyadministrator services. As one example, a third party administratorservice can be a participant's health insurance service or aparticipant's prescription drug records service. The health servicegateway 312 is configured to securely couple the security engine 350 tothe third party administrator devices, in accordance with one or moresecurity policies or health records standards. As one example, healthrecords standards may be associated with Health Insurance PortabilityAnd Accountability Act (HIPAA) requirements or any combination thereof,for example.

The participant gateway 314 can generate one or more communicationmessages compatible with one or more of the participant computingdevices 232, based on communication messages received from at least oneof the microservices engine 320, the opportunity engine 340, thesecurity engine 350, and the system scheduler 360. The participantgateway 316 is further operable to generate one or more communicationmessages compatible with one or more of the participant computingdevices 232, based on communication messages received from at least oneof the microservices engine 320, the opportunity engine 340, thesecurity engine 350, and the system scheduler 360. The participantgateway 316 can include at least one API compatible with the participantcomputing devices 232 and at least one of the microservices engine 320,the opportunity engine 340, the security engine 350, and the systemscheduler 360. The participant gateway 316 is configured to encapsulateat least one opportunity object received from the opportunity engine 320and transmit the encapsulated opportunity object to one or more of theparticipant computing devices 232. The participant gateway 316encapsulates an opportunity object in a JSON container, an encryptedpackage, a compressed package, or any combination thereof, for example.The participant gateway 316 transmits the opportunity object or theencapsulated opportunity object in accordance with a security policy.

The microservices engine 320 can generate, modify, block, transmit, orany combination thereof, for example, communication messages inaccordance with at least one application programming interface (“API”)or any combination thereof, for example. In some implementations, an APIcan include at least one interface layer and at least one translationlayer. The interface layer can include a command interface including atleast one GET request, PUT request, or any combination thereof, forexample. The interface layer further can include an HTTP, HTTPS or liketransmission protocol by which the API communicates with one or more ofthe opportunity engine 340, the security engine 350, and the systemscheduler 360. The translation layer can include one or moreinstructions to convert a first command in a first structure, format,configuration, state or any combination thereof, for example associatedwith a sending node, to a second command in a second structure, format,configuration, state or any combination thereof, for example associatedwith a receiving node. The sending node can be the third-partyadministrator devices 240 or the participant computing devices 232, andthe receiving node can be at least one of the gateway engine 310 and theopportunity engine 340. Conversely, The receiving node can be thethird-party administrator devices 240 or the participant computingdevices 232, and the sending node can be at least one of the gatewayengine 310 and the opportunity engine 340. The translation layer caninclude one or more of regular expressions, programmed code, or anycombination thereof, for example. The translation layer can include oneor more instructions to generate, modify, restrict, block, or anycombination thereof, for example, one or more identifiers, headers,formats, structures, or any combination thereof, for example associatedwith one or more communication messages. As one example, themicroservices engine 320 can include one or more API commands structuresas secure web addresses operable to receive or send one or moreparameters by GET or PUT commands, JSON objects, or any combinationthereof, for example. The microservices engine 320 can generate one ormore encapsulated communication message objects including or derivedfrom the received or sent parameters. As one example, the microservicesengine 320 can generate one or more binary communication messages basedon text-based communication messages. The binary communication messagesor the text-based communication messages include security structurecompatible with one or more security operations of the security engine350. As one example, security structure can include one or morededicated header fields in communication messages modifiable, sortable,or any combination thereof, for example, by the security engine 350. Themicroservices engine 320 can include or is associated with one or moreoperating systems, virtual machines, interpreters, or any combinationthereof, for example, to generate, modify, block, transmit, or anycombination thereof, for example, the communication messages. Themicroservices engine 320 can include one or more logical or electronicdevices including but not limited to integrated circuits, logic gates,flip flops, gate arrays, programmable gate arrays, or any combinationthereof, for example. It is to be understood that any electrical,electronic, or like devices, or components associated with themicroservices engine 320 can also be associated with, integrated with,integrable with, replaced by, supplemented by, complemented by, or anycombination thereof, for example, a system processor or any componentthereof.

The microservice engine 320 can include a plurality of API commandsassociated with participant objects, opportunity objects, and gatewayobjects. As one example, API commands associated with participantobjects can include obtaining a summary of a participant profile,generating a participant profile, health conditions, pharmacies,prescriptions, and insurance account details associated with theparticipant. As another example, API commands associated withopportunity objects can include importing a “medicine cabinet” ofprescriptions, importing pricing for prescriptions, attaching insurancecarriers to a participant, modifying pricing for existing prescriptionorders, or any combination thereof, for example. As another example, APIcommands associated with gateway objects can include gatewayconfiguration commands, third party vendor API wrappers, or anycombination thereof, for example. In this example, the microserviceengine 320 can include at its translation layer an API to convertinstructions to a corresponding API of at least one third partyadministrator device 240. Thus, the microservice engine 320 achieves thetechnological solution of rapid, on-demand communication with multipleheterogeneous secure healthcare systems within a single automaticallymanaged secure and distributed computing system.

The opportunity engine 340 can discover, audit, execute, or anycombination thereof, for example, one or more opportunity objects. Theopportunity engine 340 is operatively coupled to at least one of theparticipant database 332 and the opportunity database 334 to store,retrieve, modify, generate, link, delete, or any combination thereof,for example, one or more objects associated therewith. The opportunityengine 340 is operatively coupled to one or more of the third-partyadministrator devices 240 by at least one of the microservices engine320, the opportunity engine 340, the security engine 350, and the systemscheduler 360. The opportunity engine 340 can include one or morelogical or electronic devices including but not limited to integratedcircuits, logic gates, flip flops, gate arrays, programmable gatearrays, or any combination thereof, for example. It is to be understoodthat any electrical, electronic, or like devices, or componentsassociated with the opportunity engine 340 can also be associated with,integrated with, integrable with, replaced by, supplemented by,complemented by, or any combination thereof, for example, a systemprocessor or any component thereof.

The security engine 350 can restrict, regulate, modify, block, transmit,or any combination thereof, for example, one or more communicationmessages according to one or more transmission criteria or securitycriteria. The security engine 350 enforces one or more security policiesincluding one or more security criteria. The security engine 350 appliesa first security policy to communication messages associated with theparticipant communication devices 232. The first security policy caninclude a user level trust zone, associated with a low trust level. Thesecurity engine 350 applies a second security policy to communicationmessages associated with the third party administrator devices 240. Thesecond security policy can include a third party level trust zone,associated with a low trust level. The security engine 350 applies athird security policy to communication messages associated with themicroservices engine 310, the opportunity engine 340, and the systemscheduler 360. The third security policy can include a cloud trust zone,associated with a medium trust level. It is to be understood thatvarious security policies and various trust zones include, but are notlimited to varying numbers and degrees of security encapsulation or anycombination thereof, for example. The security encapsulation can includetoken validation, password validation, hardware key validation,symmetric encryption key validation, and asymmetric encryption keyvalidation. The security engine 350 can include one or more logical orelectronic devices including but not limited to integrated circuits,logic gates, flip flops, gate arrays, programmable gate arrays, or anycombination thereof, for example. It is to be understood that anyelectrical, electronic, or like devices, or components associated withthe security engine 350 can also be associated with, integrated with,integrable with, replaced by, supplemented by, complemented by, or anycombination thereof, for example, a system processor or any componentthereof.

The system scheduler 360 can generate, modify, block, transmit, or anycombination thereof, for example, communication messages associated withopportunity objects, participant objects, and gateway objects inaccordance with at least one transmission schedule or at least one batchprocessing criterion. The transmission schedule is a synchronoustransmission schedule including at least one transmission intervalbetween transmission times. The system scheduler 360 instructs,commands, controls, or any combination thereof, for example, at leastone of the gateway engine 310 and the security engine 350 to transmit,generate, or any combination thereof, for example, one or morecommunication messages associated with one or more opportunity objects,participant objects, and gateway objects at a transmission time. In someimplementations, a batch processing criterion can include a connectivitycondition between at least one of the participant computing devices 232and the data processing system 120. The system scheduler 360 enters anasynchronous mode in response to determining that connectivity with oneor more particular participant computing devices 240 is below aconnectivity threshold. The batch processing criterion can include theconnectivity threshold. As one example, a connectivity threshold can bea minimum lag, bandwidth, uptime, or any combination thereof, forexample associated with a minimum ability to transmit one or moreopportunity objects. The system scheduler 360 can include one or morequeues to asynchronously store, buffer, or any combination thereof, forexample any communication messages that cannot be transmitted at aparticular transmission time due to failure to satisfy a connectivitythreshold or satisfying a batch processing criterion. The systemscheduler 360 is selectably configurable into a synchronous mode, anasynchronous mode, or both. The system scheduler 360 is selectablyconfigurable by at least one API associated therewith.

FIG. 4 illustrates an example participant database system further to theexample data processing system of FIG. 3 , in accordance with presentimplementations. The example participant database system 400 correspondsto the participant database 332. The example participant database system400 can include at least one of a participant object 410, an insuranceobject 420, a prescription object 430, a pharmacy object 440, aparticipant profile object 450, and a drug object 460. It is to beunderstood that the example participant database system can support anarbitrary number of objects dependent only upon extrinsiccharacteristics of the example participant database system. As oneexample, extrinsic characteristics of the example participant databasesystem can include a storage capacity thereof.

The participant object 410 is configured to encapsulate at least oneexecutable, module, link, or any combination thereof, for exampleassociated with a participant of a health support system or anycombination thereof, for example. The participant object can include atleast one object identifier 412, timestamp 414, participant key 416,geolocation monitor 418, insurance linker 422, prescription linker 432,pharmacy linker 442, participant profile linker 452, and opportunityobject linker 402.

The object identifier 412 contains one or more characteristicsassociated with a user of the data processing system 120. The objectidentifier can include one or more of a database key identifying theparticipant object, a participant identifier associated with a healthservice, a participant identifier associated with a participantcomputing device, or any combination thereof, for example. As oneexample, the participant identifier associated with the health servicecan include at least one an indication of an association between aparticipant and a particular health service provider, and an associationbetween the participant and a particular health account provider. Asanother example, the participant identifier associated with the healthservice can include an indication that the participant is associatedwith a particular type of health service or health account. As anotherexample, health account type can be an HSA account. The timestamp 414can indicate one or more times of critical events. The timestamp 414 caninclude one or more UNIX timestamps. The timestamp 414 can include atleast one of a creation timestamp, a modification timestamp. Themodification timestamp is responsive to any action to the participantobject 410 by the opportunity engine 420 or any component thereof.

The participant key 416 contains a key based on multiple identifiersassociated with a participant. The participant key 416 is based on atleast one of an account code, an employer identifier and an employeeidentifier associated with the participant and the health serviceassociated with the participant. The participant key 416 is encrypted,hashed, or any combination thereof, for example. The participant key 416is available as a validation key for authorization through the first,second or third security policies.

The geolocation monitor 418 contains a geolocation associated with theparticipant associated with the participant object 410. The geolocationmonitor 418 stores one or more latitude and longitude values todesignate a geolocation. The geolocation monitor 418 obtains ageolocation from a participant computing device 240 associated with theparticipant object 410. The geolocation monitor 418 obtains thegeolocation by the participant gateway 316. The event control engine 310can modify the geolocation monitor 418. The geolocation monitor 418receives a geolocation on a constantly updating basis. Alternatively,The geolocation monitor 418 receives the geolocation on a scheduledbasis in response to actions by the system scheduler 318.

The insurance linker 422 contains a dynamic link to the insurance object420. The insurance linker 422 can generate, store, or any combinationthereof, for example, a link, reference, or any combination thereof, forexample to the insurance object 420 associated with the participantobject 410. The insurance linker 422 associates the insurance object 420with the participant object 410 in accordance with one or more of animport process of participant information from one or more third partyadministrator devices 240, or a selection, interaction, or anycombination thereof, for example received from a participant computingdevice 232 associated with the participant object 410.

The prescription linker 432 contains a dynamic link to the prescriptionobject 430. The prescription linker 432 can generate, store, or anycombination thereof, for example, a link, reference, or any combinationthereof, for example to the prescription object 430 associated with theparticipant object 410. The prescription linker 432 associates theprescription object 430 with the participant object 410 in accordancewith one or more of an import process of participant information fromone or more third party administrator devices 240, or a selection,interaction, or any combination thereof, for example received from aparticipant computing device 232 associated with the participant object410.

The pharmacy linker 442 contains a dynamic link to the pharmacy object440. The pharmacy linker 442 can generate, store, or any combinationthereof, for example, a link, reference, or any combination thereof, forexample to the pharmacy object 440 associated with the participantobject 410. The pharmacy linker 442 associates the pharmacy object 440with the participant object 410 in accordance with one or more of animport process of participant information from one or more third partyadministrator devices 240, or a selection, interaction, or anycombination thereof, for example received from a participant computingdevice 232 associated with the participant object 410.

The participant profile linker 452 contains a dynamic link to theparticipant profile object 450. The participant profile linker 452 cangenerate, store, or any combination thereof, for example, a link,reference, or any combination thereof, for example to the participantprofile object 450 associated with the participant object 410. Theparticipant profile linker 452 associates the participant profile object450 with the participant object 410 in accordance with one or more of animport process of participant information from one or more third partyadministrator devices 240, or a selection, interaction, or anycombination thereof, for example received from a participant computingdevice 232 associated with the participant object 410.

The opportunity object linker 402 contains a dynamic link to anopportunity object 510. The opportunity object linker 402 can generate,store, or any combination thereof, for example, a link, reference, orany combination thereof, for example to the opportunity object 510associated with the participant object 410. The participant profilelinker 452 associates the participant profile object 450 with theparticipant object 410 in accordance with one or more of an importprocess of participant information from one or more third partyadministrator devices 240, or a selection, interaction, or anycombination thereof, for example received from a participant computingdevice 232 associated with the participant object 410.

The insurance object 420 is configured to encapsulate at least oneexecutable, module, link, or any combination thereof, for exampleassociated with a participant of a health support system or anycombination thereof, for example. The insurance object is associatedwith, represents, or any combination thereof, for example,characteristics, variables, executables, or any combination thereof, forexample associated with a health support account, a support account, orany combination thereof, for example. The insurance object 420 isconfigured to execute to facilitate execution of one or moreinstructions to a health support account, support account, or anycombination thereof, for example. The insurance object 420 can includean object identifier 424 and a provider encapsulator 426. The objectidentifier 424 contains one or more characteristics associated with aninsurance entity associated with the participant object 410 of the dataprocessing system 120. The object identifier 424 contains or can includeone or more blocks, links, executables, or any combination thereof, forexample associated with at least one of the participant object 410 or aparticipant associated with the participant object 410. The providerencapsulator 426 is configured to encapsulate at least one executable,module, link, or any combination thereof, for example associated with ahealth support system or any combination thereof, for example. Theobject identifier 424 can include one or more identifiers associatedwith a health support account. As one example, the object identifier 424can include one or more of a health insurance carrier identificationblock, a health insurance group identification block, and a healthinsurance UUID identification block.

The prescription object 430 is configured to encapsulate at least oneexecutable, module, link, or any combination thereof, for exampleassociated with a pharmaceutical system, pharmaceutical entity,pharmaceutical account, pharmaceutical, health metric, biologicalmetric, or any combination thereof, for example, associated with theparticipant object 410 or a participant associated with the participantobject 410. The prescription object 430 can include an object identifier434, a prescription encapsulator 436, a participant key 416, a druglinker 462, and a pharmacy linker 442. The prescription object caninclude corresponding instances, references, or any combination thereof,for example of one or more elements or components associated withcorresponding objects of the example participant database system. Theobject identifier 434 contains one or more characteristics associatedwith a pharmaceutical entity associated with the participant object 410of the data processing system 120. The object identifier 434 contains orcan include one or more blocks, links, executables, or any combinationthereof, for example associated with at least one of the participantobject 410 or a participant associated with the participant object 410.

The prescription encapsulator 436 is configured to encapsulate at leastone executable, module, link, or any combination thereof, for exampleassociated with at least one quantity, metric, volume, amount, mass,time, dosage, or any combination thereof, for example of at least onedrug object 460. The prescription encapsulator is configured toencapsulate at least one personally-identifiable health record within asecure wrapper. The prescription object 430 is configured to securelyencapsulate at least one record of any type with the participant key416. The participant key 416 decrypts or any combination thereof, forexample, either alone or in combination with additional securitycomponents, the prescription encapsulator 436 or any wrapper or anycombination thereof, for example associated therewith.

The participant key 438 contains a key based on multiple identifiersassociated with a participant. The participant key 438 corresponds tothe participant key 416. The participant key 438 is a copy, reference,link, or any combination thereof, for example, to the participant key416. The prescription object is configured to validate or facilitatevalidation of information, executables, parameters, or any combinationthereof, for example, contained in or associated with the participantobject 410, the insurance object 420, or the prescription object 430.

The drug linker 462 contains a dynamic link to the drug object 460. Thedrug linker 462 can generate, store, or any combination thereof, forexample, a link, reference, or any combination thereof, for example tothe drug object 460 associated with the prescription object 430. Thedrug linker 462 associates the prescription object 430 with the drugobject 460 in accordance with one or more of an import process ofparticipant information from one or more third party administratordevices 240, or a selection, interaction, or any combination thereof,for example received from a participant computing device 232 associatedwith the participant object 410. The drug linker 462 generates a link,reference, or any combination thereof, for example, to at least one drugobject 460 within a prescription associated with a participant object410. As one example, the drug linker 462 can generate and maintain alink to a drug object statically or dynamically based on a drug providerby a health support service, support service, or any combinationthereof, for example.

The pharmacy linker 442 contains a dynamic link to the pharmacy object440. The pharmacy linker 442 can generate, store, or any combinationthereof, for example, a link, reference, or any combination thereof, forexample to the pharmacy object 440 associated with the prescriptionobject 430. The pharmacy linker 442 associates the prescription object430 with the pharmacy object 440 in accordance with one or more of animport process of participant information from one or more third partyadministrator devices 240, or a selection, interaction, or anycombination thereof, for example received from a participant computingdevice 232 associated with the participant object 410. The pharmacylinker 442 generates a link, reference, or any combination thereof, forexample to at least one pharmacy object 440 within at least one pharmacyselection criterion associated with a participant object 410. As oneexample, the pharmacy linker 440 can generate and maintain a link to apharmacy object statically or dynamically based on a restriction orpreference selection by a participant, a restriction or preference by ahealth support service, support service, or any combination thereof, forexample.

The pharmacy object 440 is configured to encapsulate at least oneexecutable, module, link, or any combination thereof, for exampleassociated with a pharmacy system, pharmacy entity, pharmacy account,health metric, consumer metric, or any combination thereof, for example,associated with the participant object 410 or a participant associatedwith the participant object 410. The pharmacy object 440 can include anobject identifier 444, a location identifier 446, and a geolocationidentifier 448. The object identifier 444 contains one or morecharacteristics associated with a pharmacy associated with theparticipant object 410 of the data processing system 120. The objectidentifier 444 contains or can include one or more blocks, links,executables, or any combination thereof, for example associated with atleast one of the participant object 410 or a participant associated withthe participant object 410. The location identifier 446 contains one ormore characteristics associated with a pharmacy location associated withthe participant object 410 of the data processing system 120. Thelocation identifier 446 can include one or more addresses, pharmacylocation codes, phone numbers, or any combination thereof, for example.The geolocation identifier 448 contains one or more characteristicsassociated with a pharmacy geolocation associated with the participantobject 410 of the data processing system 120. The location identifier446 can include one or more latitude coordinates, longitude coordinates,spherical coordinates, Global Positioning System (“GPS”) coordinates,pathfinding routes, or any combination thereof, for example.

The participant profile object 450 is configured to encapsulate at leastone executable, module, link, or any combination thereof, for exampleassociated with a health metric, consumer metric, diagnostic assessment,prognostic assessment, health device interface, or any combinationthereof, for example, associated with the participant object 410 or aparticipant associated with the participant object 410. The participantprofile object can include an object identifier 454 and a diagnosticencapsulator 456. The object identifier 454 contains one or morecharacteristics associated with a pharmacy associated with theparticipant object 410 of the data processing system 120. The objectidentifier 454 contains or can include one or more blocks, links,executables, or any combination thereof, for example associated with atleast one of the participant object 410 or a participant associated withthe participant object 410.

The diagnostic encapsulator 456 is configured to encapsulate at leastone executable, module, link, or any combination thereof, for exampleassociated with at least one characteristic of the participant object410 or a participant associated with the participant object 410. As oneexample, diagnostic encapsulator 456 can include at least one of medicalhistory, prescription history, current medical conditions, familymedical history, evaluation charts, or any combination thereof, forexample associated with a participant object 410 or a participantassociated with the participant object 410. The diagnostic encapsulator456 is configured to encapsulate at least one personally-identifiablehealth record within a secure wrapper. The participant profile object430 is configured to securely encapsulate at least one record of anytype with at least one of the participant key 416 and 438. In someimplementations, at least one of the participant key 416 and 438decrypts or any combination thereof, for example, either alone or incombination with additional security components, the prescriptionencapsulator 436 or any wrapper or any combination thereof, for exampleassociated therewith. The diagnostic encapsulator 456 is configured tosecure information associated therewith or contained therein inaccordance with one or more diagnostic security protocols. As oneexample a diagnostic security protocol can include a restriction onaccess, decryption, or any combination thereof, for example, based on aHIPAA or like restriction.

The drug object 460 is configured to encapsulate at least oneexecutable, module, link, or any combination thereof, for exampleassociated with a drug, pharmaceutical, chemical, biochemical,composition, substance, element, molecule, or any combination thereof,for example associated with at least one of a pharmacy object 440 and aprescription object 430. The drug object 460 is generated based on adatabase system, inventory system, sales system, or any combinationthereof, for example associated with at least one of a pharmacy system,health support system, health insurance provider, or any combinationthereof, for example. As one example, the drug object 460 is generatedbased on available drugs at one or more pharmacies associated with theparticipant and included in at least one prescription object associatedwith the participant. As another example, the drug object 460 isgenerated based on the diagnostic encapsulator to include drugsassociated with a particular health condition of a participantassociated with the participant object 410. The drug object can includean object identifier 464 and a drug encapsulator 466. The objectidentifier 464 contains one or more characteristics associated with adrug object associated with at least one of the participant object 410and the pharmacy object 440. The object identifier 454 contains or caninclude one or more blocks, links, executables, or any combinationthereof, for example associated with at least one of the participantobject 410 or a participant associated with the participant object 410.

The drug encapsulator 466 is configured to encapsulate at least oneexecutable, module, link, or any combination thereof, for exampleassociated with at least one characteristic of the drug object 460. Asone example, the drug encapsulator 466 can include at least one of achemical composition, commercial product identifier, brand identifier,generic product identifier, or any combination thereof, for example. Thedrug encapsulator 466 is configured to encapsulate at least onepersonally-identifiable health record within a secure wrapper. The drugobject 460 is configured to securely encapsulate at least one record ofany type with at least one of the participant key 416 and 438. In someimplementations, at least one of the participant key 416 and 438decrypts or any combination thereof, for example, either alone or incombination with additional security components, the drug encapsulator466 or any wrapper or any combination thereof, for example associatedtherewith. The drug encapsulator 466 is configured to secure informationassociated therewith or contained therein in accordance with one or morediagnostic security protocols. As one example a diagnostic securityprotocol can include a restriction on access, decryption, or anycombination thereof, for example, based on a HIPAA or like restriction.

FIG. 5 illustrates an example opportunity database system further to theexample data processing system of FIG. 3 , in accordance with presentimplementations. The example opportunity database system 500 correspondsto the opportunity database 334. The example opportunity database system500 can include at least one of an opportunity object 510, anopportunity type object 520, an opportunity action 530, a prescriptionaction object 540, and an account action object 550.

The opportunity object 510 is configured to encapsulate at least oneexecutable, module, link, or any combination thereof, for exampleassociated with a participant of a health support system or anycombination thereof, for example. The opportunity object 510 isassociated with, represents, or any combination thereof, for example,characteristics, variables, executables, or any combination thereof, forexample associated with a health support account, a support account, orany combination thereof, for example. The opportunity object 510 isconfigured to execute to facilitate execution of one or moreinstructions to a health support account, support account, or anycombination thereof, for example. The opportunity object 510 isconfigured to execute a financial transaction across a plurality ofsecure and heterogeneous database system or commercial computingsystems. As one example, the opportunity object 510 is configured toexecute a transaction with a pharmacy system to obtain a pharmaceuticalprescription, including secure patient information and secure financialinformation of a participant associated with a participant object 410.In this example, the opportunity object 510 achieves the technicalsolution of secure digital communication across multiple secure systemsinvolving both financial security and patient care security protocols.The opportunity object 510 can include an object identifier 512, a typelinker 522, and an action linker 532. The object identifier 512 containsone or more characteristics associated with the opportunity object 510.The object identifier 512 contains or can include one or more blocks,links, executables, or any combination thereof, for example associatedwith opportunity object 510.

The type linker 522 contains a dynamic link to the opportunity typeobject 520. The type linker 522 can generate, store, or any combinationthereof, for example, a link, reference, or any combination thereof, forexample to the opportunity type object 520 associated with theopportunity object 510. The type linker 522 associates the opportunityobject 510 with the opportunity type object 520 in accordance with oneor more of an import process of participant information from one or morethird party administrator devices 240, or a selection, interaction, orany combination thereof, for example received from a participantcomputing device 232 associated with the participant object 410.

The action linker 532 contains a dynamic link to the opportunity actionobject 530. The action linker 532 can generate, store, or anycombination thereof, for example, a link, reference, or any combinationthereof, for example to one or more opportunity action objects 530associated with the opportunity object 510. The action linker 532associates the opportunity object 510 with the opportunity action object530 in accordance with an import process of participant information fromone or more third party administrator devices 240. The action linker 532associates the opportunity object 510 with the opportunity action object530 in accordance with a selection, interaction, or any combinationthereof, for example received from a participant computing device 232associated with the participant object 410. The action linker 532associates the opportunity object 510 with the opportunity action object530 in accordance with a scheduled updated initiated by a schedulingprocess or a batching process.

The opportunity type object 520 is configured to encapsulate at leastone executable, module, link, or any combination thereof, for exampleassociated with a participant of a health support system or anycombination thereof, for example. The opportunity object 510 isassociated with, represents, or any combination thereof, for example,characteristics, variables, executables, or any combination thereof, forexample associated with an opportunity. As one example, the opportunitytype object can include at least one value, metric, executable, link, orany combination thereof, for example associated with a time-sensitiveopportunity. The opportunity type object 520 can include an objectidentifier 522 and a point module 524. The object identifier 522contains one or more characteristics associated with the opportunitytype object 510. The object identifier 522 can include one or moreblocks, links, executables, or any combination thereof, for exampleassociated with opportunity type object 522.

The point module 524 is configured to encapsulate at least oneexecutable, module, link, or any combination thereof, for exampleassociated with an execution value of an opportunity object associatedwith the opportunity type object 520. As one example, the point module524 can include at least one value, metric, executable, link, or anycombination thereof, for example associated with a quantitative pointvalue for executing the opportunity object 510. The quantitative pointvalue dynamically changes based on one or more opportunity orparticipant metrics, factors or any combination thereof, for example. Asone example, the quantitative point value decreases toward zero as acurrent timestamp approaches a timestamp threshold.

The opportunity action object 530 is configured to encapsulate at leastone executable, module, link, or any combination thereof, for example toexecute or facilitate execution of at least one action based on at leastone of the prescription action object 540 and the account action object550. The opportunity action object 530 can include one or moreinstructions, restrictions, security policies, interfaces, or anycombination thereof, for example to execute or facilitate execution ofat least one of the prescription action object 540 and the accountaction object 550. The opportunity action object 530 include an actionassociated with an application programming interface (“API”) of the dataprocessing system 120. The opportunity action objects is associated withan API call through one or more gateways of the data processing system120. The API call can be a call to conduct actions includingSwitchtoDirectDeposit, SetUpMedicineCabinet, ChangeElectronicDelivery,AttachInsuranceCarrier, AddMobilePhone, SignUpForAlerts,SignUpForElectronicTaxForms, and EnableLocationTracking. The API call iscompatible with an API provided by, controlled by, generated by, or anycombination thereof, for example, the microservices engine 320.

The prescription action object 540 is configured to encapsulate at leastone executable, module, link, or any combination thereof, for example toexecute or facilitate execution of at least one action based on theopportunity action object 540. The prescription action object 540 caninclude one or more instructions, restrictions, security policies,interfaces, or any combination thereof, for example to modify the stateof at least one medical records system associated with the prescriptionaction object 540. As one example, a medical records system can includea pharmacy system, a health support system, a health insurance system,or any combination thereof, for example. The prescription action object540 include a cost encapsulator 542, the prescription linker 432, andthe pharmacy linker 442.

The cost encapsulator 542 is configured to encapsulate at least oneexecutable, module, link, or any combination thereof, for exampleassociated with at least one financial value, metric, or any combinationthereof, for example associated with the prescription object 430. As oneexample, the cost encapsulator 542 can include at least one of a price,pricing table, pricing modifier associated with at least one of theprescription object 430, the pharmacy object 440, and the drug object460. The cost encapsulator 542 is configured to generate at least onemodification to a cost value, metric, or any combination thereof, forexample associated with the prescription object 430, the pharmacy object440, and the drug object 460. As one example, the cost encapsulator 542is configured to generate a LongtermSavings value indicating adifference between cost for a prescription upon execution of anopportunity as compared to not executing the opportunity. It is to beunderstood that the cost encapsulator 542 is configured to achieve thetechnical solution of generating the LongtermSavings value based onmultiple factors including multiple drugs that may be subject to costmodification based on multiple prescriptions from multiple healthsupport systems and multiple pharmacy systems. The cost encapsulator 542is configured to generate the LongtermSavings value with respect to aplurality of participants based on individualized records.

The account action object 550 is configured to encapsulate at least oneexecutable, module, link, or any combination thereof, for example toexecute or facilitate execution of at least one action based on theopportunity action object 540. The account action object 550 can includeone or more instructions, restrictions, security policies, interfaces,or any combination thereof, for example to modify the state of at leastone financial account system associated with the account action object550. As one example, a financial account system can include a bankaccount, an HSA account, a flexible spending account (“FSA”) or anycombination thereof, for example. The account action object 550 caninclude an account identifier 552 and a cost encapsulator 554. Theaccount action object 550 can include an account identifier 552 and acost encapsulator 554. The account identifier 552 contains one or morecharacteristics associated with the financial account associated withthe opportunity action object 530. The account identifier 552 caninclude one or more blocks, links, executables, or any combinationthereof, for example associated with a financial account system. As oneexample, the account identifier 552 is or encapsulates a financialaccount number, a financial account routing number, a financial accountauthorization code, a financial account authorization token, a financialaccount link, or any combination thereof, for example.

The cost encapsulator 554 is configured to encapsulate at least oneexecutable, module, link, or any combination thereof, for exampleassociated with at least one financial value, metric, or any combinationthereof, for example associated with the account identifier 552. As oneexample, the cost encapsulator 542 can include at least one of afinancial contribution amount, financial payment amount, financialcredit amount, financial debit amount, or any combination thereof, forexample associated with the account identifier 552. The costencapsulator 554 is configured to generate at least one modification toa cost value, metric, or any combination thereof, for example associatedwith the account identifier 552. As one example, the cost encapsulator542 is configured to generate a MaxOutContributions value instructing afinancial account system to increase a payment to the financial accountaccording to one or more threshold criteria contained in the accountidentifier 552. It is to be understood that the cost encapsulator 554 isconfigured to achieve the technical solution of generating theMaxOutContributions value based on secure direct communication with afinancial account system.

FIG. 6 illustrates an example gateway database system further to theexample data processing system of FIG. 3 , in accordance with presentimplementations. The example gateway database system 600 corresponds tothe opportunity database 334. As illustrated by way of example in FIG. 6, an example gateway database system 600 can include a gateway eventobject 610, a gateway request object 620, a gateway response object 630,an execution target object 640, a result object 650, and a header object660.

The gateway event object 610 contains at least one link, reference, orany combination thereof, for example to one or more opportunity objects.The gateway event object 610 can control responses to events received atthe gateway engine 310 based on event type. The gateway event object 610is generated, modified, configured, deleted, or any combination thereof,for example, based on an API call by the microservice engine 320. Thegateway event object 610 links at least one event type with at least onecorresponding opportunity object. Thus, The gateway even object 610links one or more opportunity objects to one or more events operable totrigger a response at or by those linked opportunity objects. Thegateway event object 610 can include an object identifier 612, timestamp614, a microservice encapsulator 616, and an opportunity encapsulator618. The object identifier 612 contains one or more characteristicsassociated with an event detected at the gateway engine 310 of the dataprocessing system 120. The object identifier 612 can include one or moreblocks, links, executables, or any combination thereof, for exampleassociated with the gateway event object 610. The timestamp 614 canindicate one or more times of critical events. The timestamp 614 caninclude one or more UNIX timestamps. The timestamp 614 can include atleast one of a creation timestamp, and a modification timestamp. Themodification timestamp is responsive to any action to the gateway eventobject 610 by at least one of the gateway engine 310 and microserviceengine 320.

The microservice encapsulator 616 contains at least one instruction,identifier, command, key, or any combination thereof, for exampleassociated with at least one microservice of the microservice engine320. The microservice encapsulator 616 can include at least one APIcommand associated with an API of the microservice engine 320. As oneexample, the microservice encapsulator 616 can include at least one webaddress, link, universal resource locator (URL), or any combinationthereof, for example, corresponding to an API command of themicroservice engine 320. As another example, the microserviceencapsulator 616 can include at least one web address, link, universalresource locator (URL), or any combination thereof, for example,including at least one parameter, argument, or any combination thereof,for example, corresponding to an API command of the microservice engine320 operable to accept one or more parameters, arguments or anycombination thereof, for example. As another example, the microserviceencapsulator 616 contains one or more regular expressions or anycombination thereof, for example corresponding to at least a portion ofan API command, parameter, argument, or any combination thereof, forexample, of the microservice engine 320.

The opportunity encapsulator 618 at least one instruction, identifier,command, key, or any combination thereof, for example associated with atleast one opportunity object of the opportunity database 334. Theopportunity encapsulator 618 can include a link, reference, identifier,or any combination thereof, for example, to at least one opportunityobject. Alternatively, The opportunity encapsulator 618 can include acopy, duplicate, partial copy, partial duplicate, or any combinationthereof, for example associated with at least one opportunity object.Thus, The opportunity encapsulator 618 associates the opportunity eventobject 610 with at least one opportunity object.

The gateway request object 620 contains at least one link, reference, orany combination thereof, for example to at least one engine of the dataprocessing system 120. The gateway request object 620 can generate,receive, modify, or any combination thereof, for example, at least oneoperation executable by at least one of the gateway engine 310, themicroservices engine 320, the opportunity engine 340, and the securityengine 350. The gateway request object 620 can include an objectidentifier 622, a microservice encapsulator 616, and an execution targetlinker 624. The object identifier 622 contains one or morecharacteristics associated with a request received at, generated by, orany combination thereof, for example, the gateway engine 310 of the dataprocessing system 120. The object identifier 622 can include one or moreblocks, links, executables, or any combination thereof, for exampleassociated with the gateway event object 610.

The execution target linker 624 contains a dynamic link to the executiontarget object 640. The execution target linker 624 can generate, store,or any combination thereof, for example, a link, reference, or anycombination thereof, for example to the execution target object 640associated with the gateway request object 620. The execution targetlinker 624 associates the gateway request object 620 with the executiontarget object 640 in accordance with one or more of a configurationprocess of the gateway engine 310, or a selection, interaction, or anycombination thereof, for example received from a participant computingdevice 232 associated with the participant object 410. The executiontarget linker 624 generates a link, reference, or any combinationthereof, for example to at least one execution target object 640dynamically modifiable based on the state of at least one of aparticipant object 410 and a participant profile object 450. As oneexample, the execution target linker 624 can generate and maintain alink to an execution target object statically or dynamically based on aservice tier supporting execution at one or more predetermined enginesof the data processing system 120.

The gateway response object 630 contains at least one record ofcharacteristics associated with an executed response to the gatewayrequest object 620. The gateway response object 630 can include anencapsulator operable to contain all input to a target execution engineand all output from the target execution engine associated with aparticular gateway request object. The gateway response object 630 caninclude an object identifier 632, timestamp 634, a parameter linker 636,and a result linker 638. The object identifier 632 contains one or morecharacteristics associated with an event detected at the gateway engine310 of the data processing system 120. The object identifier 632 caninclude one or more blocks, links, executables, or any combinationthereof, for example associated with the gateway response object 630.The timestamp 634 can indicate one or more times of critical events. Thetimestamp 634 can include one or more UNIX timestamps. The timestamp 634can include at least one of a creation timestamp, and a modificationtimestamp. The modification timestamp is responsive to any action to thegateway event object 610 by at least one of the gateway engine 310 andmicroservice engine 320.

The parameter linker 636 contains a dynamic link to one or moreparameters or any combination thereof, for example associated with thegateway response object 640. The parameter linker 636 can generate,store, or any combination thereof, for example, a link, reference, orany combination thereof, for example to the parameters in response to atransmission of the execution target object 640 to one or more of thegateway engine 310, the microservice engine 320, the opportunity engine340, and the security engine 350. The parameter linker 636 associatesthe parameters with the gateway response object 640 in accordance withone or more of a configuration process of the gateway engine 310, or ageneration or modification of the gateway response object 640.

The result linker 638 contains a dynamic link to the result object 650.The result linker 638 can generate, store, or any combination thereof,for example, a link, reference, or any combination thereof, for exampleto the result object 650 associated with the gateway response object630. The result linker 638 associates the gateway response object 630with the result object 650 in accordance with one or more of aconfiguration process of the gateway engine 310, or a selection,interaction, or an execution of at least one opportunity objectassociated with the execution target object 640.

The execution target object 640 contains at least one instruction,identifier, command, key, or any combination thereof, for exampleassociated with at least one of the gateway engine 310, the microserviceengine 320. The execution target object 640 controls, triggers,initiates, restricts, or any combination thereof, for example, executionof one or more opportunity objects, gateway objects, or any combinationthereof, for example. As one example, the execution target object 640can direct a gateway request mapping associated with a particularopportunity object to the opportunity engine 340 for execution,modification, deletion, or any combination thereof, for example, of theopportunity object. In some implementations, execution target object 640can include an object identifier 642, a payload encapsulator 644, aparameter linker 646, and a header linker 648. The object identifier 642contains one or more characteristics associated with an event detectedat the gateway engine 310 of the data processing system 120. The objectidentifier 642 can include one or more blocks, links, executables, orany combination thereof, for example associated with the executiontarget object 640.

The payload encapsulator 644 contains one or more objects, references,links, or any combination thereof, for example, associated withexecution of the execution target object 640. As one example, thepayload encapsulator 644 can include one or more payload objectsreturned in response to execution according to the execution targetobject 640. As one example, payload objects can include JSON, binaryexecutable, database objects, or any combination thereof, for example.The size of the payload objects can exceed a predetermined sizethreshold for copying. Thus, The payload encapsulator 644 can replace acopy of the payload object with a reference to the payload object atanother payload encapsulator. The predetermined size threshold can be anabsolute size threshold or a relative size threshold. As one example, anabsolute size threshold can be 1 MB, MiB, or any combination thereof,for example. As another example, a relative size threshold cancorrespond to a proportion of a predetermined capacity of database 330.In this example, the predetermined capacity of database 330 can be 0.1%of the capacity of the database 330, and payload encapsulator 644 can beconfigured to store a reference to the payload object if the payloadobject exceeds be 0.1% of the capacity of the database 330 in size.

The parameter linker 646 contains a dynamic link to one or moreparameters or any combination thereof, for example associated with theexecution target object 640. The parameter linker 646 can generate,store, or any combination thereof, for example, a link, reference, orany combination thereof, for example to the parameters in response to atransmission of the execution target object 640 to one or more of thegateway engine 310, the microservice engine 320, the opportunity engine340, and the security engine 350. The parameter linker 646 associatesthe parameters with the execution target object 640 in accordance withone or more of a configuration process of the gateway engine 310, or anexecution of at least one opportunity object associated with theexecution target object 640.

The header linker 648 contains a dynamic link to one or more parametersor any combination thereof, for example associated with the headerobject 660. The header linker 648 can generate, store, or anycombination thereof, for example, a link, reference, or any combinationthereof, for example to the header object 660 in response to ageneration of the gateway response object 630, or a transmission of theexecution target object 640 to one or more of the gateway engine 310,the microservice engine 320, the opportunity engine 340, and thesecurity engine 350. The header linker 648 associates the parameterswith the header object 660 in accordance with one or more of aconfiguration process of the gateway engine 310, or an execution of atleast one opportunity object associated with the execution target object640.

The result object 650 contains at least one result returned in responseto execution of at least one of an opportunity object and a gatewayrequest object. The result object 650 can include a payload encapsulator652 and a header linker 648. The payload encapsulator 652 contains oneor more objects, references, links, or any combination thereof, forexample, associated with execution of the execution target object 640.The payload encapsulator 652 corresponds to the payload encapsulator644. The payload encapsulator 652 can include a reference to the payloadencapsulator 644 in accordance with one or more thresholds associatedtherewith. Alternatively, The payload encapsulator 644 can include areference to the payload encapsulator 652 in accordance with one or morethresholds associated therewith.

The header object 660 contains at least one object associated withidentifying or executing an opportunity object or a gateway object. Theheader object 660 can include a key encapsulator 662 and a parameterencapsulator 664.

The key encapsulator 662 contains at least one key associated with atleast one participant object, opportunity object, or gateway object. Thekey encapsulator 662 contains a key required by the security engine 350.The security engine 350 validates the header object 660 associated withthe execution target object 640 before allowing execution according tothe execution target object 640. As one example, the security engine 350can block execution of the execution target object 640 if the securityengine 350 determines that the key contained in key encapsulator 662 isinvalid, or corresponds to a security policy incompatible with theexecution target object 640, or the parameters thereof. In this example,the security engine 350 can permit execution if the key contained in keyencapsulator 662 is valid, or corresponds to a security policycompatible with the execution target object 640, or the parametersthereof.

The parameter encapsulator 664 contains one or more parameters or anycombination thereof, for example associated with the execution targetobject 640. The parameter encapsulator 664 can generate, store, or anycombination thereof, for example, a copy of the parameters in responseto a transmission of the execution target object 640 to one or more ofthe gateway engine 310, the microservice engine 320, the opportunityengine 340, and the security engine 350. In some implementations,parameters of the parameter encapsulator 664 corresponds to parametersassociated with the parameter linker 636. The parameter encapsulator 664contains parameters mirrored, copied, or any combination thereof, forexample from parameter linker 636 or in parallel with generation,modification, or any combination thereof, for example, of parameters atthe parameter linker 636.

FIG. 7 illustrates an example electronic device associated with anexample data processing system, in accordance with presentimplementations. The example electronic device 700 can include aprocessor, memory device, and display device to generate a graphicaluser interface, and a communication interface to communication with thedata processing system as discussed above with respect to FIGS. 1A-D and2. The example electronic device can include an opportunity summaryregion 702, a score summary region 704, an account action object region606, and an opportunity list region 710. The example electronic device700 can generate a graphical user interface (“GUI”) representing,displaying, or any combination thereof, for example, one or more ofobjects of FIGS. 4 and 5 . In some implementations, The exampleelectronic device 700 can include a GUI associated with a mobileoperating system. In some implementations, The example electronic device700 is further operable to receive selection, input, or any combinationthereof, for example from a touch-based input system disposed thereon,therewith, or any combination thereof, for example. The touch-basedinput system is a capacitive or a resistive touch interface. In someimplementations, that the mobile interface can include a presentationdevice including but not limited to an LCD, LED, OLED or any combinationthereof, for example.

The opportunity summary region 702 is configured to present at least onemetric associated with one or more opportunity objects available forselection at the example electronic device 700. The opportunity summaryregion 702 presents a total number of available opportunity objects forselection. The opportunity summary region 702 presents a total number ofavailable opportunity objects that have not yet been executed.

The score summary region 704 is configured to present at least onemetric associated with one or more opportunity objects available forelection at the example electronic device 700. The score summary region704 presents at least one execution value associated with the pointmodule 524. The score summary region 704 presents an aggregation of aplurality of execution values associated with a corresponding pluralityof point modules each associated with a particular point value. Theopportunity list region 710 is configured to present at least oneopportunity object 510 as a selectable GUI element. The opportunity listregion can include one or more opportunity objects 712. The opportunityobjects 712 each correspond to a distinct opportunity object 510 of aplurality available at the opportunity database 334.

FIG. 8 illustrates an example method of digital feed generation by amicro-services architecture integrating heterogeneous nodes, inaccordance with present implementations. The method 800 can be performedby one or more component, system, device or module depicted in FIGS.1A-7 , including for example, a DPS or device 700.

At step 810, the example system trains a machine learning model withhistorical data. Step 810 can include at least one of steps 812 and 814.At step 812, the example system trains a machine learning model withhistorical data from one or more opportunities or opportunity objects,for example. At step 814, the example system trains a machine learningmodel with opportunities from one or more third party applications orsystems, for example. The method 800 then continues to step 820.

At step 820, the example system identifies at least one third partyapplication from one or more third party applications. Step 820 caninclude at least one of steps 822, 824 and 826. At step 822, the examplesystem identifies at least one third party application among one or morethird party applications with at least one corresponding applicationprogramming interface (API). At step 824, the example system identifiesat least one third party application by an interface of the examplesystem or the data processing system of the example system. At step 826,the example system identifies a particular third party applicationdifferent from another third party application. Both the particularthird party application and the other third party application can beselected or selectable, for example, from the one or more third partyapplications. The method 800 then continues to step 830.

At step 830, the example system crawls a web page of a provider of thethird party application. The example system can crawl a web page byretrieving and parsing the web page to identify one or more portions,fields, components, factors, or values therein, for example. Step 830can include step 832. At step 832, the example system identifies acandidate opportunity on a web page. It is to be understood that theexample system can be configured to crawl, parse, or any combinationthereof, for example, any remote document content, and is not limited toa web page. The method 800 then continues to step 902.

FIG. 9 illustrates an example method of digital feed generation by amicro-services architecture integrating heterogeneous nodes, further tothe method of FIG. 8 , in accordance with present implementations. Themethod 900 can be performed by one or more component, system, device ormodule depicted in FIGS. 1A-7 , including for example, a DPS or device700. The method 900 begins at step 902. The method 900 then continues tostep 910.

At step 910, the example system determines to query at least one thirdparty application responsive to at least one trigger condition. As oneexample, a trigger condition can be a posting of new opportunities, oran expiration of a time period associated with a polling period. Step910 can include at least one of steps 912, 914 and 916. At step 912, theexample system determines to query at least one third party applicationresponsive to a crawling operation. At step 914, the example systemselects a first query template for a first API compatible with a firstthird party application. At step 916, the example system selects asecond query template for a second API compatible with a second thirdparty application. The method 900 then continues to step 920.

At step 920, the example system constructs a first query associated witha first third party application. As one example, the example system cangenerate a first query based on parameters of the first API. Step 920can include at least one of steps 922, 924 and 926. At step 922, theexample system constructs a second query associated with a second thirdparty application, where the second query is different from the firstquery. The second query can be different from the first query. At step924, the example system constructs one or more of the first query andthe second query with one or more corresponding authorizing credentialsfor receiving a response. At step 926, the example system constructs oneor more of the first query and the second query for receiving a responseassociated with an opportunity event. The method 900 then continues tostep 1002.

FIG. 10 illustrates an example method of digital feed generation by amicro-services architecture integrating heterogeneous nodes, further tothe method of FIG. 9 , in accordance with present implementations. Themethod 1000 can be performed by one or more component, system, device ormodule depicted in FIGS. 1A-7 , including for example, a DPS or device700. The method 1000 begins at step 1002. The method 1000 then continuesto step 1010.

At step 1010, the example system determines to transmit a query based atleast partially on a location associated with a computing device. Thelocation associated with the computing device can be an address,geolocation, coordinate, geofence, or any combination thereof, forexample. The computing device can be a mobile device associated with,carried by, or co-located with a participant. Step 1010 can include atleast one of steps 1012 and 1014. At step 1012, the example systemdetermines to transit a query at least partially by a participant objectinput to a machine learning model. The input can include one or moremetrics compatible with input to the machine learning model and based onone or more values, for example, associated with a participant object.At step 1014, the example system determines to transmit based at leastpartially on the output of a machine learning model. The method 1000then continues to step 1020.

At step 1020, the example system transmits a query to a third partyapplication. Step 1020 can include step 1022. At step 1022, the examplesystem transmits a query constructed by a template compatible with anAPI associated with the third party application. The method 1000 thencontinues to step 1030. At step 1030, the example system receives aresponse associated with an opportunity event from the third partyapplication. The method 1000 then continues to step 1040. At step 1040,the example system parses a received response to identify an opportunityevent. The method 1000 then continues to step 1050.

At step 1050, the example system constructs an opportunity object basedon the identified opportunity event. The method 1000 then continues tostep 1102.

FIG. 11 illustrates an example method of digital feed generation by amicro-services architecture integrating heterogeneous nodes, further tothe method of FIG. 10 , in accordance with present implementations. Themethod 1100 can be performed by one or more component, system, device ormodule depicted in FIGS. 1A-7 , including for example, a DPS or device700. The method 1100 begins at step 1102. The method 1100 then continuesto step 1110.

At step 1110, the example system selects a participant object satisfyingone or more parameters associated with an opportunity event. As oneexample, the example system can select a participant object for aparticipant enrolled with a third party provider associated with theopportunity event. The method 1100 then continues to step 1120.

At step 1120, the example system provides an indication of theopportunity objects to at least one computing device. As one example, anindication can be a push notification, a text message, a telephone call,or any combination thereof, for example. Step 1122 can include step1122. At step 1122, the example system provides an indication of theopportunity objects to at least one computing device associated with aparticipant object. The method 1100 then continues to step 1130.

At step 1130, the example system transmits at least one opportunityobject for presentation via a computing device. The computing device canbe associated with the participant having a participant objectassociated with opportunity object. The method 1100 then continues tostep 1140. At step 1140, the example system receives an indication toexecute an opportunity object via a computing device. As one example,the indication can be an execution instruction received in response to aclick or touch event, for example, at the computing device. The method1100 then continues to step 1150.

At step 1150, the example system authorizes execution of the opportunityobject by the participant object. As one example, authorization can bean instruction approving execution of one or more operations at a thirdparty system, where the operations correspond to the opportunity object.The method 1100 can end at step 1150.

It should be understood that the systems described above can providemultiple ones of any or each of those components and these componentscan be provided on either a standalone machine or, in someimplementations, on multiple machines in a distributed system. Thesystems and methods described above can be implemented as a method,apparatus or article of manufacture using programming or engineeringtechniques to produce software, firmware, hardware, or any combinationthereof. In addition, the systems and methods described above can beprovided as one or more computer-readable programs embodied on or in oneor more articles of manufacture. The term “article of manufacture” asused herein is intended to encompass code or logic accessible from andembedded in one or more computer-readable devices, firmware,programmable logic, memory devices (e.g., EEPROMs, ROMs, PROMs, RAMs,SRAMs, etc.), hardware (e.g., integrated circuit chip, FieldProgrammable Gate Array (FPGA), Application Specific Integrated Circuit(ASIC), etc.), electronic devices, a computer readable non-volatilestorage unit (e.g., CD-ROM, floppy disk, hard disk drive, etc.). Thearticle of manufacture can be accessible from a file server providingaccess to the computer-readable programs via a network transmissionline, wireless transmission media, signals propagating through space,radio waves, infrared signals, etc. The article of manufacture can be aflash memory card or a magnetic tape. The article of manufacture caninclude hardware logic as well as software or programmable code embeddedin a computer readable medium that is executed by a processor. Ingeneral, the computer-readable programs can be implemented in anyprogramming language, such as LISP, PERL, C, C++, C#, PROLOG, or in anybyte code language such as JAVA. The software programs can be stored onor in one or more articles of manufacture as object code.

At least one aspect of this technical solution is directed to a systemfor generating a metric-based digital feed performance model, with adata processing system comprising memory and one or more processors toexecute a participant microservice under a first authorizationrestriction, to obtain a participant object associated with a supportservice, execute a gateway microservice to determine whether theparticipant microservice satisfies the first authorization restriction,and in accordance with a determination that the participant microservicesatisfies the first authorization restriction, authorize the participantmicroservice to obtain the participant object, execute an opportunitydiscovery microservice under a second authorization restriction, toobtain an opportunity object associated with the participant object, andto determine whether the opportunity object associated with theparticipant object satisfies an opportunity condition, in accordancewith a determination that the opportunity object associated with theparticipant object satisfies the opportunity condition, execute thegateway microservice to authorize the opportunity discovery microserviceto obtain the opportunity object, and determine whether the opportunitydiscovery microservice satisfies a third authorization restriction, andin accordance with a determination that the opportunity discoverymicroservice satisfies the third authorization restriction, authorizethe opportunity discovery microservice to modify an opportunity objectindex at a participant system associated with the participant object.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to execute animport microservice under a fourth authorization restriction, to obtain,from a health data processing system, a support record associated withthe participant identifier and the support service, where theparticipant object is associated with a support service and a supportaccount.

At least one aspect of this technical solution is directed to a systemwhere the health data processing system is a pharmaceutical dataprocessing system, and the support record is a pharmaceuticalprescription record.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to execute aprescription microservice to generate a transaction value associatedwith the pharmaceutical prescription record and the support account.

At least one aspect of this technical solution is directed to a systemwhere the health data processing system is a health care provider dataprocessing system, and the support record is a health care providerprogram record.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to execute anaccount microservice to modify a financial contribution to a supportaccount associated with the support service and the participantidentifier.

At least one aspect of this technical solution is directed to a systemof claim 6, wherein the data processing system is further configured toexecute an attachment microservice to generate a link between theparticipant object and the support account.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to execute thegateway microservice to configure at least one of the firstauthorization restriction, the second authorization restriction, thethird authorization restriction, and the fourth authorizationrestriction.

At least one aspect of this technical solution is directed to a systemwhere the data processing system is further configured to execute thegateway microservice to apply a security token associated with the thirdsecurity restriction, wherein the determination that the participantmicroservice satisfies the first authorization restriction can includevalidating the security token.

At least one aspect of this technical solution is directed to a methodfor generating a metric-based digital feed performance model, by,obtaining, by a participant microservice under a first authorizationrestriction, a participant object associated with a support service,determining, by a gateway microservice, whether the participantmicroservice satisfies the first authorization restriction, authorizingthe participant microservice to obtain the participant object, inaccordance with a determination that the participant microservicesatisfies the first authorization restriction, obtaining, by anopportunity discovery microservice under a second authorizationrestriction, an opportunity object associated with the participantobject, determining, by the opportunity discovery microservice under thesecond authorization restriction, whether the opportunity objectassociated with the participant object satisfies an opportunitycondition, authorizing, by the gateway microservice, the opportunitydiscovery microservice to obtain the opportunity object, in accordancewith a determination that the opportunity object associated with theparticipant object satisfies the opportunity condition, determining, bythe gateway microservice, whether the opportunity discovery microservicesatisfies a third authorization restriction, and authorizing theopportunity discovery microservice to modify an opportunity object indexat a participant system associated with the participant object, inaccordance with a determination that the opportunity discoverymicroservice satisfies the third authorization restriction.

At least one aspect of this technical solution is directed to a methodof including obtaining, by an import microservice under a fourthauthorization restriction, from a health data processing system, asupport record associated with the participant identifier and thesupport service, wherein the participant object is associated with asupport service and a support account.

At least one aspect of this technical solution is directed to a methodwhere the health data processing system is a pharmaceutical dataprocessing system, and the support record is a pharmaceuticalprescription record.

At least one aspect of this technical solution is directed to a methodincluding generating, by a prescription microservice, a transactionvalue associated with the pharmaceutical prescription record and thesupport account.

At least one aspect of this technical solution is directed to a methodwhere the health data processing system is a health care provider dataprocessing system, and the support record is a health care providerprogram record.

At least one aspect of this technical solution is directed to a methodincluding modifying, by an account microservice, a financialcontribution to a support account associated with the support serviceand the participant identifier.

At least one aspect of this technical solution is directed to a methodincluding generating, by an attachment microservice, a link between theparticipant object and the support account.

At least one aspect of this technical solution is directed to a systemincluding configuring, by the gateway microservice, at least one of thefirst authorization restriction, the second authorization restriction,the third authorization restriction, and the fourth authorizationrestriction.

At least one aspect of this technical solution is directed to a systemincluding the data processing system is further configured to applying,by the gateway microservice, a security token associated with the thirdsecurity restriction, wherein the determination that the participantmicroservice satisfies the first authorization restriction can includevalidating the security token.

At least one aspect of this technical solution is directed to a computerreadable medium with one or more instructions stored thereon andexecutable by a processor to execute a participant microservice under afirst authorization restriction, to obtain a participant objectassociated with a support service, execute a gateway microservice todetermine whether the participant microservice satisfies the firstauthorization restriction, and in accordance with a determination thatthe participant microservice satisfies the first authorizationrestriction, authorize the participant microservice to obtain theparticipant object, execute an opportunity discovery microservice undera second authorization restriction, to obtain an opportunity objectassociated with the participant object, and to determine whether theopportunity object associated with the participant object satisfies anopportunity condition, in accordance with a determination that theopportunity object associated with the participant object satisfies theopportunity condition, execute the gateway microservice to authorize theopportunity discovery microservice to obtain the opportunity object, anddetermine whether the opportunity discovery microservice satisfies athird authorization restriction, and in accordance with a determinationthat the opportunity discovery microservice satisfies the thirdauthorization restriction, authorize the opportunity discoverymicroservice to modify an opportunity object index at a participantsystem associated with the participant object.

At least one aspect of this technical solution is directed to a computerreadable medium where the computer readable medium further can includeone or more instructions executable by a processor to execute an accountmicroservice to modify a financial contribution to a support accountassociated with the support service and the participant identifier.

The herein described subject matter sometimes illustrates differentcomponents contained within, or connected with, different othercomponents. It is to be understood that such depicted architectures areillustrative, and that in fact many other architectures can beimplemented which achieve the same functionality. In a conceptual sense,any arrangement of components to achieve the same functionality iseffectively “associated” such that the desired functionality isachieved. Hence, any two components herein combined to achieve aparticular functionality can be seen as “associated with” each othersuch that the desired functionality is achieved, irrespective ofarchitectures or intermedial components. Likewise, any two components soassociated can also be viewed as being “operably connected,” or“operably coupled,” to each other to achieve the desired functionality,and any two components capable of being so associated can also be viewedas being “operably couplable,” to each other to achieve the desiredfunctionality. Specific examples of operably couplable include but arenot limited to physically mateable and/or physically interactingcomponents and/or wirelessly interactable and/or wirelessly interactingcomponents and/or logically interacting and/or logically interactablecomponents.

With respect to the use of plural and/or singular terms herein, thosehaving skill in the art can translate from the plural to the singularand/or from the singular to the plural as is appropriate to the contextand/or application. The various singular/plural permutations may beexpressly set forth herein for sake of clarity.

It will be understood by those within the art that, in general, termsused herein, and especially in the appended claims (e.g., bodies of theappended claims) are generally intended as “open” terms (e.g., the term“including” should be interpreted as “including but not limited to,” theterm “having” should be interpreted as “having at least,” the term“includes” should be interpreted as “includes but is not limited to,”etc.).

Although the figures and description may illustrate a specific order ofmethod steps, the order of such steps may differ from what is depictedand described, unless specified differently above. Also, two or moresteps may be performed concurrently or with partial concurrence, unlessspecified differently above. Such variation may depend, for example, onthe software and hardware systems chosen and on designer choice. Allsuch variations are within the scope of the disclosure. Likewise,software implementations of the described methods could be accomplishedwith standard programming techniques with rule-based logic and otherlogic to accomplish the various connection steps, processing steps,comparison steps, and decision steps.

It will be further understood by those within the art that if a specificnumber of an introduced claim recitation is intended, such an intentwill be explicitly recited in the claim, and in the absence of suchrecitation, no such intent is present. For example, as an aid tounderstanding, the following appended claims may contain usage of theintroductory phrases “at least one” and “one or more” to introduce claimrecitations. However, the use of such phrases should not be construed toimply that the introduction of a claim recitation by the indefinitearticles “a” or “an” limits any particular claim containing suchintroduced claim recitation to inventions containing only one suchrecitation, even when the same claim includes the introductory phrases“one or more” or “at least one” and indefinite articles such as “a” or“an” (e.g., “a” and/or “an” should typically be interpreted to mean “atleast one” or “one or more”); the same holds true for the use ofdefinite articles used to introduce claim recitations. In addition, evenif a specific number of an introduced claim recitation is explicitlyrecited, those skilled in the art will recognize that such recitationshould typically be interpreted to mean at least the recited number(e.g., the bare recitation of “two recitations,” without othermodifiers, typically means at least two recitations, or two or morerecitations).

Furthermore, in those instances where a convention analogous to “atleast one of A, B, and C, etc.” is used, in general such a constructionis intended in the sense one having skill in the art would understandthe convention (e.g., “a system having at least one of A, B, and C”would include but not be limited to systems that have A alone, B alone,C alone, A and B together, A and C together, B and C together, and/or A,B, and C together, etc.). In those instances where a conventionanalogous to “at least one of A, B, or C, etc.” is used, in general,such a construction is intended in the sense one having skill in the artwould understand the convention (e.g., “a system having at least one ofA, B, or C” would include but not be limited to systems that have Aalone, B alone, C alone, A and B together, A and C together, B and Ctogether, and/or A, B, and C together, etc.). It will be furtherunderstood by those within the art that virtually any disjunctive wordand/or phrase presenting two or more alternative terms, whether in thedescription, claims, or drawings, should be understood to contemplatethe possibilities of including one of the terms, either of the terms, orboth terms. For example, the phrase “A or B” will be understood toinclude the possibilities of “A” or “B” or “A and B.”

Further, unless otherwise noted, the use of the words “approximate,”“about,” “around,” “substantially,” etc., mean plus or minus tenpercent.

The foregoing description of illustrative implementations has beenpresented for purposes of illustration and of description. It is notintended to be exhaustive or limiting with respect to the precise formdisclosed, and modifications and variations are possible in light of theabove teachings or may be acquired from practice of the disclosedimplementations. It is intended that the scope of the invention bedefined by the claims appended hereto and their equivalents.

What is claimed is:
 1. A system, comprising: a data processing systemcomprising memory operatively coupled with one or more hardwareprocessors to: determine, based on information associated with one ormore participant objects input into a machine learning model, totransmit a query to a third-party application based on an output of themachine learning model, the machine learning model trained withhistorical data associated with opportunities provided by third-partyapplications; transmit, to the third-party application, the queryconstructed based on a template compatible with an applicationprogramming interface (“API”) of the third-party application; receive,responsive to the query, a response from the third-party applicationcomprising an event and a profile for a participant of a serviceprovided by a provider associated with the third-party application, theprofile object including a health metric linked with a participantobject that maintains information about the participant and is generatedin response to importing the health metric from a third-partyadministrator device associated with the provider, the event indicativeof an opportunity to reduce resource utilization; determine that theparticipant object satisfies a parameter corresponding to a type ofaccount associated with the participant object and the event; andprovide, to a computing device of the participant object responsive tosatisfaction of the parameter, an indication of a modification to theaccount, the modification based on the type of account.
 2. The system ofclaim 1, comprising the data processing system to: determine to querythe third-party application responsive to a trigger condition.
 3. Thesystem of claim 1, comprising the data processing system to: crawl a webpage associated with the provider of the third-party application; anddetermine, responsive to the crawl of the web page, to query thethird-party application responsive to identifying a candidateopportunity on the web page of the provider associated with thethird-party application.
 4. The system of claim 1, comprising the dataprocessing system to: determine, based on a location of the computingdevice linked with the participant object, to transmit the query to thethird-party application.
 5. The system of claim 1, comprising the dataprocessing system to: identify, via an interface of the data processingsystem, the third-party application among a plurality of third-partyapplications configured with application programming interfaces (“APIs”)compatible with the interface of the data processing system.
 6. Thesystem of claim 1, comprising the data processing system to: identify asecond third-party application different from the third-partyapplication; select a second template different than the template, thesecond template compatible with a second API of the second third-partyapplication that is different than the API of the third-partyapplication; and construct a second query for opportunities based on thesecond template.
 7. The system of claim 1, comprising the dataprocessing system to: construct the query with credentials authorizingthe data processing system to receive the response with the event. 8.The system of claim 7, wherein the credentials correspond to theparticipant object.
 9. The system of claim 1, comprising the dataprocessing system to: parse the response to identify the event;construct an object to provide to the computing device based on theidentified event; and transmit the object based on the event forpresentation via the computing device.
 10. The system of claim 9,comprising the data processing system to: receive, responsive totransmission of the object based on the event, an indication to executethe object based on the event; and authorize, responsive to theindication, the object based on the event for execution by theparticipant object.
 11. A method, comprising: determining, by a dataprocessing system comprising one or more processors, based oninformation associated with one or more participant objects input into amachine learning model, to transmit a query to a third-party applicationbased on an output of the machine learning model, the machine learningmodel trained with historical data associated with opportunitiesprovided by third-party applications; transmitting, by the dataprocessing system, to the third-party application, the query constructedbased on a template compatible with an application programming interface(“API”) of the third-party application; receiving, by the dataprocessing system, responsive to the query, a response from thethird-party application comprising an event and a profile for aparticipant of a service provided by a provider associated with thethird-party application, the profile object including a health metriclinked with a participant object that maintains information about theparticipant and is generated in response to importing the health metricfrom a third-party administrator device associated with the provider,the event indicative of an opportunity to reduce resource utilization;determining, by the data processing system, that the participant objectsatisfies a parameter corresponding to a type of account associated withthe participant object and the event; and providing, by the dataprocessing system, to a computing device of the participant objectresponsive to satisfaction of the parameter, an indication of amodification to the account, the modification based on the type ofaccount.
 12. The method of claim 11, further comprising: determining, bythe data processing system, to query the third-party applicationresponsive to a trigger condition.
 13. The method of claim 11, furthercomprising: crawling a web page associated with the provider of thethird-party application; and determining, responsive to the crawl of theweb page, to query the third-party application responsive to identifyinga candidate opportunity on the web page of the provider associated withthe third-party application.
 14. The method of claim 11, furthercomprising: determining, based on a location of the computing devicelinked with the participant object, to transmit the query to thethird-party application.
 15. The method of claim 11, further comprising:identifying, via an interface of the data processing system, thethird-party application among a plurality of third-party applicationsconfigured with application programming interfaces (“APIs”) compatiblewith the interface of the data processing system.
 16. The method ofclaim 11, further comprising: identifying a second third-partyapplication different from the third-party application; selecting asecond template different than the template, the second templatecompatible with a second API of the second third-party application thatis different than the API of the third-party application; and constructa second query for opportunities based on the second template.
 17. Themethod of claim 11, further comprising: constructing the query withcredentials authorizing the data processing system to receive theresponse with the event.
 18. The method of claim 17, wherein thecredentials correspond to the participant object.
 19. The method ofclaim 11, further comprising: parsing the response to identify theevent; constructing an object to provide to the computing device basedon the identified event; and transmitting the object based on the eventfor presentation via the computing device.
 20. The method of claim 19,further comprising: receiving, responsive to transmission of the objectbased on the event, an indication to execute the object based on theevent; and authorizing, responsive to the indication, the object basedon the event for execution by the participant object.